pyrox.dev
Merge pull request #136194 from risicle/ris-apr-CVE-2021-35940
apr: add patch for CVE-2021-35940
authored by Robert Scott and committed by GitHub e318fe08 b90798f5
+10
-2
pkgs/development/libraries/apr/default.nix
+10
-2
pkgs/development/libraries/apr/default.nix
···
1
-
{ lib, stdenv, fetchurl, autoreconfHook }:
1
+
{ lib, stdenv, fetchurl, fetchpatch, autoreconfHook }:
2
2
3
3
stdenv.mkDerivation rec {
4
4
pname = "apr";
···
9
9
sha256 = "1spp6r2a3xcl5yajm9safhzyilsdzgagc2dadif8x6z9nbq4iqg2";
10
10
};
11
11
12
-
patches = lib.optionals stdenv.isDarwin [ ./is-this-a-compiler-bug.patch ];
12
+
patches = [
13
+
(fetchpatch {
14
+
name = "CVE-2021-35940.patch";
15
+
url = "https://dist.apache.org/repos/dist/release/apr/patches/apr-1.7.0-CVE-2021-35940.patch";
16
+
sha256 = "1qd511dyqa1b7bj89iihrlbaavbzl6yyblqginghmcnhw8adymbs";
17
+
# convince fetchpatch to restore missing `a/`, `b/` to paths
18
+
extraPrefix = "";
19
+
})
20
+
] ++ lib.optionals stdenv.isDarwin [ ./is-this-a-compiler-bug.patch ];
13
21
14
22
# This test needs the net
15
23
postPatch = ''