pyrox.dev / nixpkgs
lol
fork atom

libexosip: 4.1.0 -> 5.2.0

Fix CVE-2014-10375.

sipwitch is marked as broken as it does compile with libexosip > 5.0.0
and the upstream project appears to be stalled/abandoned.

Thomas Gerbet fdafac8b 59863dc3

options
unified split
Changed files
+5 -11
pkgs
development
libraries
exosip
default.nix
servers
sip
sipwitch
default.nix
+4 -11
pkgs/development/libraries/exosip/default.nix
··· 1 - { lib, stdenv, fetchurl, libosip, openssl, pkg-config, fetchpatch }: 2 3 stdenv.mkDerivation rec { 4 pname = "libexosip2"; 5 - version = "4.1.0"; 6 7 src = fetchurl { 8 - url = "mirror://savannah/exosip/libeXosip2-${version}.tar.gz"; 9 - sha256 = "17cna8kpc8nk1si419vgr6r42k2lda0rdk50vlxrw8rzg0xp2xrw"; 10 }; 11 12 nativeBuildInputs = [ pkg-config ]; 13 buildInputs = [ libosip openssl ]; 14 - 15 - patches = [ 16 - (fetchpatch { 17 - url = "https://sources.debian.net/data/main/libe/libexosip2/4.1.0-2.1/debian/patches/openssl110.patch"; 18 - sha256 = "01q2dax7pwh197mn18r22y38mrsky85mvs9vbkn9fpcilrdayal6"; 19 - }) 20 - ]; 21 22 meta = with lib; { 23 license = licenses.gpl2Plus;
··· 1 + { lib, stdenv, fetchurl, libosip, openssl, pkg-config }: 2 3 stdenv.mkDerivation rec { 4 pname = "libexosip2"; 5 + version = "5.2.0"; 6 7 src = fetchurl { 8 + url = "mirror://savannah/exosip/${pname}-${version}.tar.gz"; 9 + sha256 = "09bj7cm6mk8yr68y5a09a625x10ql6an3zi4pj6y1jbkhpgqibp3"; 10 }; 11 12 nativeBuildInputs = [ pkg-config ]; 13 buildInputs = [ libosip openssl ]; 14 15 meta = with lib; { 16 license = licenses.gpl2Plus;
+1
pkgs/servers/sip/sipwitch/default.nix
··· 23 license = lib.licenses.gpl3Plus; 24 maintainers = with lib.maintainers; [ ]; 25 platforms = with lib.platforms; linux; 26 }; 27 }
··· 23 license = lib.licenses.gpl3Plus; 24 maintainers = with lib.maintainers; [ ]; 25 platforms = with lib.platforms; linux; 26 + broken = true; # Require libexosip2 < 5.0.0 which is vulnerable to CVE-2014-10375. 27 }; 28 }