less: apply patch for security issue when opening files with \n in paths

https://www.openwall.com/lists/oss-security/2024/04/12/5 (cherry picked from commit 22bd2ab6247c42c3dbf9221d6f3a509c8291cd94)
author: Thomas Gerbet <thomas@gerbet.me> 2024-04-13 14:22:06 +0200
committer: github-actions[bot] <github-actions[bot]@users.noreply.github.com> 2024-04-15 05:55:56 +0000
commit: b0202dbde6c430baac66d590b519c8f3f9949bda (patch)
tree: 1f2164ec40e07971db5033074d568a2c7801dc6c
parent: jasmin-compiler: 2023.06.2 → 2023.06.3 (diff)
download: nixpkgs-b0202dbde6c430baac66d590b519c8f3f9949bda.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/pkgs/by-name/le/less/package.nix b/pkgs/by-name/le/less/package.nix
index 1efce2bddefc..f7791a2636eb 100644
--- a/pkgs/by-name/le/less/package.nix
+++ b/pkgs/by-name/le/less/package.nix
@@ -1,6 +1,7 @@
 { lib
 , stdenv
 , fetchurl
+, fetchpatch
 , ncurses
 , pcre2
 }:
@@ -16,6 +17,15 @@ stdenv.mkDerivation (finalAttrs: {
     hash = "sha256-KRG1QyyDb6CEyKLmj2zWMSNywCalj6qpiGJzHItgUug=";
   };
 
+  patches = [
+    (fetchpatch {
+      # https://www.openwall.com/lists/oss-security/2024/04/12/5
+      name = "sec-issue-newline-path.patch";
+      url = "https://gitlab.archlinux.org/archlinux/packaging/packages/less/-/raw/1d570db0c84fe95799f460526492e45e24c30ad0/backport-007521ac3c95bc76.patch";
+      hash = "sha256-BT8DLIu7oVhL5XL50uFVUp97qjklcvRHy85UQwVKAmc=";
+    })
+  ];
+
   buildInputs = [
     ncurses
     pcre2
author	Thomas Gerbet <thomas@gerbet.me>	2024-04-13 14:22:06 +0200
committer	github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2024-04-15 05:55:56 +0000
commit	b0202dbde6c430baac66d590b519c8f3f9949bda (patch)
tree	1f2164ec40e07971db5033074d568a2c7801dc6c
parent	jasmin-compiler: 2023.06.2 → 2023.06.3 (diff)
download	nixpkgs-b0202dbde6c430baac66d590b519c8f3f9949bda.tar.gz