diff options
author | Red Davies <red@infect.me> | 2020-11-24 23:07:13 -0500 |
---|---|---|
committer | Red Davies <red@infect.me> | 2020-11-25 17:01:30 -0500 |
commit | 2ddb0c7400df9e204ebae61a4f3411e17f53d8cf (patch) | |
tree | 0f82538f8c9860179c0dc0a61735eee3d221d9fc /pkgs/servers/corosync/default.nix | |
parent | 3b4fcbb5d1ddc1df28b57d2384bef70dd2d530c9 (diff) | |
download | nixpkgs-2ddb0c7400df9e204ebae61a4f3411e17f53d8cf.tar nixpkgs-2ddb0c7400df9e204ebae61a4f3411e17f53d8cf.tar.gz nixpkgs-2ddb0c7400df9e204ebae61a4f3411e17f53d8cf.tar.bz2 nixpkgs-2ddb0c7400df9e204ebae61a4f3411e17f53d8cf.tar.lz nixpkgs-2ddb0c7400df9e204ebae61a4f3411e17f53d8cf.tar.xz nixpkgs-2ddb0c7400df9e204ebae61a4f3411e17f53d8cf.tar.zst nixpkgs-2ddb0c7400df9e204ebae61a4f3411e17f53d8cf.zip |
corosync: 2.4.3 -> 2.4.5
Reason0: Changed name metadata to pname and version metadata. Reason1: Fixes CVE-2018-1084 Corosync is prone to an integer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Fixed in 2.4.4 See issue: #90784
Diffstat (limited to 'pkgs/servers/corosync/default.nix')
-rw-r--r-- | pkgs/servers/corosync/default.nix | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/pkgs/servers/corosync/default.nix b/pkgs/servers/corosync/default.nix index 5a209549d35..693ab0042f3 100644 --- a/pkgs/servers/corosync/default.nix +++ b/pkgs/servers/corosync/default.nix @@ -9,11 +9,12 @@ with stdenv.lib; stdenv.mkDerivation rec { - name = "corosync-2.4.3"; + pname = "corosync"; + version = "2.4.5"; src = fetchurl { - url = "http://build.clusterlabs.org/corosync/releases/${name}.tar.gz"; - sha256 = "15y5la04qn2lh1gabyifygzpa4dx3ndk5yhmaf7azxyjx0if9rxi"; + url = "http://build.clusterlabs.org/corosync/releases/${pname}-${version}.tar.gz"; + sha256 = "0pxs18vci9kq3qnqsg5i1h35jrxxiccwbm0mzja3g8j3izdsyvmb"; }; nativeBuildInputs = [ makeWrapper pkgconfig ]; |