diff options
| author | obadz <3359345+obadz@users.noreply.github.com> | 2020-03-17 13:04:05 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-03-17 13:04:05 +0000 |
| commit | bf7c0f0461e047bec108a5c5d5d1b144289a65ba (patch) | |
| tree | 1b99ecb8818f21abfdaed8b34a029209a9d40f44 | |
| parent | opensmtpd: mark as insecure due to CVE-2020-8794 / #80978 (diff) | |
| parent | opensmtpd: build against openssl (diff) | |
| download | nixpkgs-gitlab.intr/nixos-19.09.tar.gz | |
Merge pull request #82775 from Mic92/opensmtpd-backportgitlab.intr/nixos-19.09-smallgitlab.intr/nixos-19.09
opensmtpd: 6.4.2p1 -> 6.6.4p1 [backport 19.09]
| -rw-r--r-- | pkgs/servers/mail/opensmtpd/default.nix | 16 |
1 files changed, 4 insertions, 12 deletions
diff --git a/pkgs/servers/mail/opensmtpd/default.nix b/pkgs/servers/mail/opensmtpd/default.nix index 93d3055eb26e..83365dc099c5 100644 --- a/pkgs/servers/mail/opensmtpd/default.nix +++ b/pkgs/servers/mail/opensmtpd/default.nix @@ -1,33 +1,26 @@ { stdenv, fetchurl, autoconf, automake, libtool, bison -, libasr, libevent, zlib, libressl, db, pam, nixosTests +, libasr, libevent, zlib, openssl, db, pam, nixosTests }: stdenv.mkDerivation rec { pname = "opensmtpd"; - version = "6.4.2p1"; + version = "6.6.4p1"; nativeBuildInputs = [ autoconf automake libtool bison ]; - buildInputs = [ libasr libevent zlib libressl db pam ]; + buildInputs = [ libasr libevent zlib openssl db pam ]; src = fetchurl { url = "https://www.opensmtpd.org/archives/${pname}-${version}.tar.gz"; - sha256 = "0pgv080ai7d98l9340jadp9wjiaqj2qvgpqhilcz0kps2mdiawbd"; + sha256 = "1kyph9ycq0j21dl9n1sq5fns9p4gckdi0fmnf8awrcwrdcm9dyg2"; }; patches = [ ./proc_path.diff # TODO: upstream to OpenSMTPD, see https://github.com/NixOS/nixpkgs/issues/54045 - (fetchurl { - name = "CVE-2020-7247.patch"; - url = "https://github.com/OpenSMTPD/OpenSMTPD/commit/d2688c097e0ff53037c7403e09426771876a3907.patch"; - sha256 = "1mr5zb7mgpapf80xrcjvvzinzyiqcd3i0z4jwj11wl3zrfq5kwwn"; - }) ]; # See https://github.com/OpenSMTPD/OpenSMTPD/issues/885 for the `sh bootstrap` # requirement postPatch = '' - substituteInPlace smtpd/parse.y \ - --replace "/usr/libexec/" "$out/libexec/opensmtpd/" substituteInPlace mk/smtpctl/Makefile.am --replace "chgrp" "true" substituteInPlace mk/smtpctl/Makefile.am --replace "chmod 2555" "chmod 0555" sh bootstrap @@ -65,7 +58,6 @@ stdenv.mkDerivation rec { license = licenses.isc; platforms = platforms.linux; maintainers = with maintainers; [ rickynils obadz ekleog ]; - knownVulnerabilities = [ "CVE-2020-8794" ]; }; passthru.tests = { basic-functionality-and-dovecot-interaction = nixosTests.opensmtpd; |