diff options
author | Robert Scott <code@humanleg.org.uk> | 2023-01-07 13:48:16 +0000 |
---|---|---|
committer | github-actions[bot] <github-actions[bot]@users.noreply.github.com> | 2023-01-08 16:06:09 +0000 |
commit | 09a9af3d1bf0db2d8d6ae5d2fff84f126e4af9cd (patch) | |
tree | 11c9b542eaeab2d66b5213d33dd8fb31a88f3f03 | |
parent | 3f3c12856bbdd15a2121eecf959cf9219158a9e5 (diff) |
libconfuse: add patch for CVE-2022-40320
(cherry picked from commit 764a1d3752ee90998eaa01d42be3f4e6c68beb6e)
-rw-r--r-- | pkgs/development/libraries/libconfuse/default.nix | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/pkgs/development/libraries/libconfuse/default.nix b/pkgs/development/libraries/libconfuse/default.nix index 7545fe9617cc..91a5a2f26f87 100644 --- a/pkgs/development/libraries/libconfuse/default.nix +++ b/pkgs/development/libraries/libconfuse/default.nix @@ -1,4 +1,10 @@ -{ lib, stdenv, fetchFromGitHub, autoreconfHook, flex }: +{ lib +, stdenv +, fetchFromGitHub +, fetchpatch +, autoreconfHook +, flex +}: stdenv.mkDerivation rec { pname = "libconfuse"; @@ -11,6 +17,18 @@ stdenv.mkDerivation rec { owner = "martinh"; }; + patches = [ + (fetchpatch { + name = "CVE-2022-40320.patch"; + urls = [ + "https://sources.debian.org/data/main/libc/libconfuse/3.3-3/debian/patches/CVE-2022-40320.patch" + # files on sources.debian.org can disappear + "https://web.archive.org/web/20230107133212/https://sources.debian.org/data/main/libc/libconfuse/3.3-3/debian/patches/CVE-2022-40320.patch" + ]; + sha256 = "sha256-ftfE9JFz4nyRSOb2xHb9BAtgWn5Yv2WLm4RegDLtiBw="; + }) + ]; + postPatch = '' substituteInPlace tests/Makefile.am \ --replace 'TESTS += empty_string' "" \ |