diff options
Diffstat (limited to 'pkgs/development/libraries/glibc/common.nix')
-rw-r--r-- | pkgs/development/libraries/glibc/common.nix | 33 |
1 files changed, 11 insertions, 22 deletions
diff --git a/pkgs/development/libraries/glibc/common.nix b/pkgs/development/libraries/glibc/common.nix index 1b53acf12b1..5cb627ed895 100644 --- a/pkgs/development/libraries/glibc/common.nix +++ b/pkgs/development/libraries/glibc/common.nix @@ -19,6 +19,7 @@ let inherit (buildPackages) linuxHeaders; version = "2.25"; + patchSuffix = "-49"; sha256 = "067bd9bb3390e79aa45911537d13c3721f1d9d3769931a30c2681bfee66f23a0"; cross = if buildPlatform != hostPlatform then hostPlatform else null; in @@ -38,7 +39,15 @@ stdenv.mkDerivation ({ enableParallelBuilding = true; patches = - [ /* Have rpcgen(1) look for cpp(1) in $PATH. */ + [ + /* No tarballs for stable upstream branch, only https://sourceware.org/git/?p=glibc.git + $ git co release/2.25/master; git describe + glibc-2.25-49-gbc5ace67fe + $ git show --reverse glibc-2.25..release/2.25/master | gzip -n -9 --rsyncable - > 2.25-49.patch.gz + */ + ./2.25-49.patch.gz + + /* Have rpcgen(1) look for cpp(1) in $PATH. */ ./rpcgen-path.patch /* Allow NixOS and Nix to handle the locale-archive. */ @@ -50,24 +59,10 @@ stdenv.mkDerivation ({ /* Don't use /etc/ld.so.preload, but /etc/ld-nix.so.preload. */ ./dont-use-system-ld-so-preload.patch - /* Add blowfish password hashing support. This is needed for - compatibility with old NixOS installations (since NixOS used - to default to blowfish). */ - ./glibc-crypt-blowfish.patch - /* The command "getconf CS_PATH" returns the default search path "/bin:/usr/bin", which is inappropriate on NixOS machines. This patch extends the search path by "/run/current-system/sw/bin". */ ./fix_path_attribute_in_getconf.patch - - /* Stack Clash */ - ./CVE-2017-1000366-rtld-LD_LIBRARY_PATH.patch - ./CVE-2017-1000366-rtld-LD_PRELOAD.patch - ./CVE-2017-1000366-rtld-LD_AUDIT.patch - ] - ++ lib.optionals stdenv.isi686 [ - ./fix-i686-memchr.patch - ./i686-fix-vectorized-strcspn.patch ] ++ lib.optional stdenv.isx86_64 ./fix-x64-abi.patch; @@ -90,12 +85,6 @@ stdenv.mkDerivation ({ + '' cat ${./glibc-remove-datetime-from-nscd.patch} \ | sed "s,@out@,$out," | patch -p1 - '' - # CVE-2014-8121, see https://bugzilla.redhat.com/show_bug.cgi?id=1165192 - + '' - substituteInPlace ./nss/nss_files/files-XXX.c \ - --replace 'status = internal_setent (stayopen);' \ - 'status = internal_setent (1);' ''; configureFlags = @@ -145,7 +134,7 @@ stdenv.mkDerivation ({ // (removeAttrs args [ "withLinuxHeaders" "withGd" ]) // { - name = name + "-${version}" + + name = name + "-${version}${patchSuffix}" + lib.optionalString (cross != null) "-${cross.config}"; src = fetchurl { |