diff options
author | Renaud <c0bw3b@users.noreply.github.com> | 2019-11-03 16:44:17 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-11-03 16:44:17 +0100 |
commit | 73523e026e894e576a6fd8c1cbf7c0cf46aaab39 (patch) | |
tree | d7eff85befca5520f0c6966dba831df3f37168ec /pkgs/servers/shellinabox/default.nix | |
parent | 7153c484cd960c550cd8eedf4cf271994c121644 (diff) | |
download | nixpkgs-73523e026e894e576a6fd8c1cbf7c0cf46aaab39.tar nixpkgs-73523e026e894e576a6fd8c1cbf7c0cf46aaab39.tar.gz nixpkgs-73523e026e894e576a6fd8c1cbf7c0cf46aaab39.tar.bz2 nixpkgs-73523e026e894e576a6fd8c1cbf7c0cf46aaab39.tar.lz nixpkgs-73523e026e894e576a6fd8c1cbf7c0cf46aaab39.tar.xz nixpkgs-73523e026e894e576a6fd8c1cbf7c0cf46aaab39.tar.zst nixpkgs-73523e026e894e576a6fd8c1cbf7c0cf46aaab39.zip |
shellinabox: fix CVE-2018-16789
(#72620)
Diffstat (limited to 'pkgs/servers/shellinabox/default.nix')
-rw-r--r-- | pkgs/servers/shellinabox/default.nix | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/pkgs/servers/shellinabox/default.nix b/pkgs/servers/shellinabox/default.nix index af1992fc869..fe1837e907a 100644 --- a/pkgs/servers/shellinabox/default.nix +++ b/pkgs/servers/shellinabox/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, autoreconfHook, pam, openssl, openssh, shadow, makeWrapper }: +{ stdenv, fetchFromGitHub, fetchpatch, autoreconfHook, pam, openssl, openssh, shadow, makeWrapper }: stdenv.mkDerivation rec { version = "2.20"; @@ -11,10 +11,17 @@ stdenv.mkDerivation rec { sha256 = "1hmfayh21cks2lyj572944ll0mmgsxbnj981b3hq3nhdg8ywzjfr"; }; - patches = [ ./shellinabox-minus.patch ]; + patches = [ + ./shellinabox-minus.patch + (fetchpatch { + name = "CVE-2018-16789.patch"; + url = "https://github.com/shellinabox/shellinabox/commit/4f0ecc31ac6f985e0dd3f5a52cbfc0e9251f6361.patch"; + sha256 = "1mpm6acxdb0fms9pa2b88fx6hp07ph87ahxi82yyqj2m7p79jx7a"; + }) + ]; - nativeBuildInputs = [ autoreconfHook ]; - buildInputs = [ pam openssl openssh makeWrapper ]; + nativeBuildInputs = [ autoreconfHook makeWrapper ]; + buildInputs = [ pam openssl openssh ]; # Disable GSSAPIAuthentication errors. Also, paths in certain source files are # hardcoded. Replace the hardcoded paths with correct paths. |