diff options
author | Vladimír Čunát <v@cunat.cz> | 2019-11-09 15:29:58 +0100 |
---|---|---|
committer | Vladimír Čunát <v@cunat.cz> | 2019-11-09 15:29:58 +0100 |
commit | 802c81efa4a7c135c0f667a767fd36c0d3ed8783 (patch) | |
tree | a9d4c9e3673d01972ddc906d24cae80030557929 /pkgs/tools/archivers | |
parent | 735894c103c2d4c6f83f05c17d4aafd2b0046371 (diff) | |
parent | 4d33b41d3d1a6ab5107ff60edd16d5ea0bab1e56 (diff) | |
download | nixpkgs-802c81efa4a7c135c0f667a767fd36c0d3ed8783.tar nixpkgs-802c81efa4a7c135c0f667a767fd36c0d3ed8783.tar.gz nixpkgs-802c81efa4a7c135c0f667a767fd36c0d3ed8783.tar.bz2 nixpkgs-802c81efa4a7c135c0f667a767fd36c0d3ed8783.tar.lz nixpkgs-802c81efa4a7c135c0f667a767fd36c0d3ed8783.tar.xz nixpkgs-802c81efa4a7c135c0f667a767fd36c0d3ed8783.tar.zst nixpkgs-802c81efa4a7c135c0f667a767fd36c0d3ed8783.zip |
Merge #71401: unzip: CVE-2019-13232 (into staging)
Diffstat (limited to 'pkgs/tools/archivers')
-rw-r--r-- | pkgs/tools/archivers/unzip/default.nix | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/pkgs/tools/archivers/unzip/default.nix b/pkgs/tools/archivers/unzip/default.nix index cdf189e82df..7bbcc906292 100644 --- a/pkgs/tools/archivers/unzip/default.nix +++ b/pkgs/tools/archivers/unzip/default.nix @@ -26,6 +26,21 @@ stdenv.mkDerivation { ./CVE-2016-9844.patch ./CVE-2018-18384.patch ./dont-hardcode-cc.patch + (fetchurl { + url = "https://github.com/madler/unzip/commit/41beb477c5744bc396fa1162ee0c14218ec12213.patch"; + name = "CVE-2019-13232-1.patch"; + sha256 = "04jzd6chg9fw4l5zadkfsrfm5llrd7vhd1dgdjjd29nrvkrjyn14"; + }) + (fetchurl { + url = "https://github.com/madler/unzip/commit/47b3ceae397d21bf822bc2ac73052a4b1daf8e1c.patch"; + name = "CVE-2019-13232-2.patch"; + sha256 = "0iy2wcjyvzwrjk02iszwcpg85fkjxs1bvb9isvdiywszav4yjs32"; + }) + (fetchurl { + url = "https://github.com/madler/unzip/commit/6d351831be705cc26d897db44f878a978f4138fc.patch"; + name = "CVE-2019-13232-3.patch"; + sha256 = "1jvs7dkdqs97qnsqc6hk088alhv8j4c638k65dbib9chh40jd7pf"; + }) ] ++ stdenv.lib.optional enableNLS (fetchurl { url = "http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/app-arch/unzip/files/unzip-6.0-natspec.patch?revision=1.1"; |