libspf2: Fix CVE-2021-20314

There is no new release yet (see mailing list post on oss-security), so I'm picking the commit that fixes the CVE. There is another security flaw (without a CVE number) that is also mentioned in the oss-security announcement but it is not explained which commit patches the problem. (cherry picked from commit 46b7a5be1ced0280951d1a5736b0316de92a53f2)
author: Janne Heß <janne@hess.ooo> 2021-08-11 20:02:34 +0200
committer: github-actions[bot] <github-actions[bot]@users.noreply.github.com> 2021-08-12 00:43:36 +0000
commit: 2fd674897299b1700b9be7cbe7445447b411029e (patch)
tree: 7bfc86f4f1cfb4af485eecb75ae7e7bc4f245b38
parent: Merge pull request #133548 from angustrau/backport-maintainer (diff)
download: nixpkgs-2fd674897299b1700b9be7cbe7445447b411029e.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/pkgs/development/libraries/libspf2/default.nix b/pkgs/development/libraries/libspf2/default.nix
index 6a9cb8b647cc..dc46e356e2c8 100644
--- a/pkgs/development/libraries/libspf2/default.nix
+++ b/pkgs/development/libraries/libspf2/default.nix
@@ -17,6 +17,11 @@ stdenv.mkDerivation rec {
       url = "https://github.com/shevek/libspf2/commit/5852828582f556e73751076ad092f72acf7fc8b6.patch";
       sha256 = "1v6ashqzpr0xidxq0vpkjd8wd66cj8df01kyzj678ljzcrax35hk";
     })
+    (fetchurl {
+      name = "0002-CVE-2021-20314.patch";
+      url = "https://github.com/shevek/libspf2/commit/c37b7c13c30e225183899364b9f2efdfa85552ef.patch";
+      sha256 = "190nnh7mlz6328829ba6jajad16s3md8kraspn81qnvhwh0nkiak";
+    })
   ];
 
   postPatch = ''
author	Janne Heß <janne@hess.ooo>	2021-08-11 20:02:34 +0200
committer	github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2021-08-12 00:43:36 +0000
commit	2fd674897299b1700b9be7cbe7445447b411029e (patch)
tree	7bfc86f4f1cfb4af485eecb75ae7e7bc4f245b38
parent	Merge pull request #133548 from angustrau/backport-maintainer (diff)
download	nixpkgs-2fd674897299b1700b9be7cbe7445447b411029e.tar.gz