commit beb373895be4288eab73cc96b9ca55e7bfc549aa · tjh.dev/nixpkgs

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

fork atom

sharutils: Patch CVE-2018-1000097

(cherry picked from commit 1571c1f6631daaeae7db43983500ba3412ab6080)

Tim Steinbach 7 years ago beb37389 2d2c2df6

+9 -1

1 changed file

expand all

unified split

pkgs

tools

archivers

sharutils

default.nix

+9 -1

pkgs/tools/archivers/sharutils/default.nix

··· 19 19 # remaps /etc/passwd to a trivial file, but we can't do that on Darwin so I do this 20 20 # instead. In this case, I pass in the very imaginative "submitter" as the submitter name 21 21 22 - patchPhase = let 22 + patches = [ 23 + # CVE-2018-1000097 24 + (fetchurl { 25 + url = "https://sources.debian.org/data/main/s/sharutils/1:4.15.2-2+deb9u1/debian/patches/01-fix-heap-buffer-overflow-cve-2018-1000097.patch"; 26 + sha256 = "19g0sxc8g79aj5gd5idz5409311253jf2q8wqkasf0handdvsbxx"; 27 + }) 28 + ]; 29 + 30 + postPatch = let 23 31 # This evaluates to a string containing: 24 32 # 25 33 # substituteInPlace tests/shar-2 --replace '${SHAR}' '${SHAR} -s submitter'