wpa_supplicant: apply patch for CVE-2019-16275

author: Pierre Bourdon <delroth@gmail.com> 2019-10-02 21:16:56 +0200
committer: Pierre Bourdon <delroth@gmail.com> 2019-10-02 21:24:23 +0200
commit: 559687498b4d0777802067a6929cfdb758b8fabb (patch)
tree: b48626f8a0752ae057264c4c89aa1dcde6e65b2e /pkgs/os-specific/linux/wpa_supplicant
parent: 1c429acbffc650d960ec64014e9af92c8f2577f3 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/pkgs/os-specific/linux/wpa_supplicant/default.nix b/pkgs/os-specific/linux/wpa_supplicant/default.nix
index 69525c92ede9..f0abc1660817 100644
--- a/pkgs/os-specific/linux/wpa_supplicant/default.nix
+++ b/pkgs/os-specific/linux/wpa_supplicant/default.nix
@@ -13,6 +13,14 @@ stdenv.mkDerivation rec {
     sha256 = "05qzak1mssnxcgdrafifxh9w86a4ha69qabkg4bsigk499xyxggw";
   };
 
+  patches = [
+    (fetchurl {
+      name = "CVE-2019-16275.patch";
+      url = "https://w1.fi/security/2019-7/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch";
+      sha256 = "15xjyy7crb557wxpx898b5lnyblxghlij0xby5lmj9hpwwss34dz";
+    })
+  ];
+
   # TODO: Patch epoll so that the dbus actually responds
   # TODO: Figure out how to get privsep working, currently getting SIGBUS
   extraConfig = ''
author	Pierre Bourdon <delroth@gmail.com>	2019-10-02 21:16:56 +0200
committer	Pierre Bourdon <delroth@gmail.com>	2019-10-02 21:24:23 +0200
commit	559687498b4d0777802067a6929cfdb758b8fabb (patch)
tree	b48626f8a0752ae057264c4c89aa1dcde6e65b2e /pkgs/os-specific/linux/wpa_supplicant
parent	1c429acbffc650d960ec64014e9af92c8f2577f3 (diff)