pyrox.dev
exim: patch CVE-2017-1000369 (stack clash)
+9
-1
pkgs/servers/mail/exim/default.nix
+9
-1
pkgs/servers/mail/exim/default.nix
···
1
-
{ coreutils, fetchurl, db, openssl, pcre, perl, pkgconfig, stdenv }:
1
+
{ coreutils, fetchurl, db, openssl, pcre, perl, pkgconfig, stdenv, fetchpatch }:
2
2
3
3
stdenv.mkDerivation rec {
4
4
name = "exim-4.89";
···
7
7
url = "http://ftp.exim.org/pub/exim/exim4/${name}.tar.xz";
8
8
sha256 = "09lndv34jsxwglq5zsh9y4xaqj5g37g9ca4x0zb25fvvm4f0lj8c";
9
9
};
10
+
11
+
patches = [
12
+
(fetchpatch {
13
+
name = "CVE-2017-1000369.patch";
14
+
url = "https://anonscm.debian.org/git/pkg-exim4/exim4.git/plain/debian/patches/79_CVE-2017-1000369.patch?h=4.89-2%2bdeb9u1";
15
+
sha256 = "0v46zywgkv1rdqhybqqrd0rwkdaj6q1f4x0a3vm9p0wz8vad3023";
16
+
})
17
+
];
10
18
11
19
buildInputs = [ coreutils db openssl pcre perl pkgconfig ];
12
20