pkgs/by-name/op/openslp/package.nix at devShellTools-shell · tjh.dev/nixpkgs

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

nixpkgs / pkgs / by-name / op / openslp / package.nix

at devShellTools-shell 45 lines 1.5 kB view raw

 1{
 2  lib,
 3  stdenv,
 4  fetchurl,
 5  fetchpatch,
 6}:
 7
 8stdenv.mkDerivation rec {
 9  pname = "openslp";
10  version = "2.0.0";
11
12  src = fetchurl {
13    url = "mirror://sourceforge/openslp/${version}/${version}/openslp-${version}.tar.gz";
14    sha256 = "16splwmqp0400w56297fkipaq9vlbhv7hapap8z09gp5m2i3fhwj";
15  };
16
17  patches = [
18    (fetchpatch {
19      name = "openslp-2.0.0-null-pointer-deref.patch";
20      url = "https://src.fedoraproject.org/rpms/openslp/raw/696fd55ae4fcea7beda0a25131dca8bfb14bbdf9/f/openslp-2.0.0-null-pointer-deref.patch";
21      sha256 = "186f3rj3z2lf5h1lpbhqk0szj2a9far1p3mjqg6422f29yjfnz6a";
22    })
23    (fetchpatch {
24      name = "openslp-2.0.0-CVE-2016-7567.patch";
25      url = "https://src.fedoraproject.org/rpms/openslp/raw/696fd55ae4fcea7beda0a25131dca8bfb14bbdf9/f/openslp-2.0.0-cve-2016-7567.patch";
26      sha256 = "0zp61axx93b7nrbsyhn2x4dnw7n9y6g4rys21hyqxk4khrnc2yr9";
27    })
28    ./CVE-2016-4912.patch
29    ./CVE-2019-5544.patch
30  ];
31
32  meta = with lib; {
33    homepage = "http://www.openslp.org/";
34    description = "Open-source implementation of the IETF Service Location Protocol";
35    maintainers = with maintainers; [ ttuegel ];
36    license = licenses.bsd3;
37    platforms = platforms.all;
38    # never built on aarch64-darwin since first introduction in nixpkgs
39    broken = stdenv.hostPlatform.isDarwin && stdenv.hostPlatform.isAarch64;
40    knownVulnerabilities = [
41      "CVE-2023-29552: UDP Reflection Attack with ampliciation factor of up to 2200"
42    ];
43  };
44
45}