commit bca531a34f7b461b00a5940b5f9cab26a7cc3f4a · tjh.dev/nixpkgs

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

rpm: 4.12.0 -> 4.13.0-rc1 for CVEs

Null pointer deref & out of bound reads. See: https://lwn.net/Vulnerabilities/685287/

Fedora is shipping the rc1 as well.

re: https://github.com/NixOS/nixpkgs/pull/18975
(cherry picked from commit dad5651bd4f2376294ad3159c0361e03fb91cb06)

Graham Christensen 9 years ago bca531a3 9ae2d387

+3 -3

1 changed file

expand all

unified split

pkgs

tools

package-management

rpm

default.nix

+3 -3

pkgs/tools/package-management/rpm/default.nix

··· 1 { stdenv, fetchurl, cpio, zlib, bzip2, file, elfutils, libarchive, nspr, nss, popt, db, xz, python, lua, pkgconfig, autoreconfHook }: 2 3 stdenv.mkDerivation rec { 4 - name = "rpm-4.12.0"; 5 6 src = fetchurl { 7 - url = "http://rpm.org/releases/rpm-4.12.x/${name}.tar.bz2"; 8 - sha256 = "18hk47hc755nslvb7xkq4jb095z7va0nlcyxdpxayc4lmb8mq3bp"; 9 }; 10 11 buildInputs = [ cpio zlib bzip2 file libarchive nspr nss db xz python lua pkgconfig autoreconfHook ];

··· 1 { stdenv, fetchurl, cpio, zlib, bzip2, file, elfutils, libarchive, nspr, nss, popt, db, xz, python, lua, pkgconfig, autoreconfHook }: 2 3 stdenv.mkDerivation rec { 4 + name = "rpm-4.13.0-rc1"; 5 6 src = fetchurl { 7 + url = "http://www.rpm.org/releases/testing/rpm-4.13.0-rc1.tar.bz2"; 8 + sha256 = "097mc0kkrf09c01hrgi71df7maahmvayfgsvspnxigvl3xysv8hp"; 9 }; 10 11 buildInputs = [ cpio zlib bzip2 file libarchive nspr nss db xz python lua pkgconfig autoreconfHook ];