diff options
author | Andreas Rammhold <andreas@rammhold.de> | 2018-02-04 09:29:08 +0100 |
---|---|---|
committer | Andreas Rammhold <andreas@rammhold.de> | 2018-02-07 11:40:46 +0100 |
commit | ea817d7b6fa0d0cf4644973d7cf89ad4e23d2f6a (patch) | |
tree | 22d2215aa5e67ba05466b7e56456d34f3237983c /pkgs/servers/squid/default.nix | |
parent | 291b05ee21a6b822e999566febf9e419e45936da (diff) | |
download | nixpkgs-ea817d7b6fa0d0cf4644973d7cf89ad4e23d2f6a.tar nixpkgs-ea817d7b6fa0d0cf4644973d7cf89ad4e23d2f6a.tar.gz nixpkgs-ea817d7b6fa0d0cf4644973d7cf89ad4e23d2f6a.tar.bz2 nixpkgs-ea817d7b6fa0d0cf4644973d7cf89ad4e23d2f6a.tar.lz nixpkgs-ea817d7b6fa0d0cf4644973d7cf89ad4e23d2f6a.tar.xz nixpkgs-ea817d7b6fa0d0cf4644973d7cf89ad4e23d2f6a.tar.zst nixpkgs-ea817d7b6fa0d0cf4644973d7cf89ad4e23d2f6a.zip |
squid: fix CVE-2018-1000024 & CVE-2018-1000027
Diffstat (limited to 'pkgs/servers/squid/default.nix')
-rw-r--r-- | pkgs/servers/squid/default.nix | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/pkgs/servers/squid/default.nix b/pkgs/servers/squid/default.nix index 7f1c97bd642..95f4233df10 100644 --- a/pkgs/servers/squid/default.nix +++ b/pkgs/servers/squid/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, perl, openldap, pam, db, cyrus_sasl, libcap +{ stdenv, fetchurl, fetchpatch, perl, openldap, pam, db, cyrus_sasl, libcap , expat, libxml2, openssl }: stdenv.mkDerivation rec { @@ -13,6 +13,19 @@ stdenv.mkDerivation rec { perl openldap db cyrus_sasl expat libxml2 openssl ] ++ stdenv.lib.optionals stdenv.isLinux [ libcap pam ]; + patches = [ + (fetchpatch { + name = "CVE-2018-1000024.patch"; + url = http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_1.patch; + sha256 = "0vzxr4rmybz0w4c1hi3szvqawbzl4r4b8wyvq9vgq1mzkk5invpg"; + }) + (fetchpatch { + name = "CVE-2018-1000027.patch"; + url = http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_2.patch; + sha256 = "1a8hwk9z7h1j0c57anfzp3bwjd4pjbyh8aks4ca79nwz4d0y6wf3"; + }) + ]; + configureFlags = [ "--enable-ipv6" "--disable-strict-error-checking" |