diff options
| author | Marek Mahut <marek.mahut@satoshilabs.com> | 2019-06-16 14:03:05 +0200 |
|---|---|---|
| committer | Marek Mahut <marek.mahut@satoshilabs.com> | 2019-06-16 14:03:05 +0200 |
| commit | 4683727693cf56e5f87f7e37dd9b8ea4291df958 (patch) | |
| tree | 5dfe15e5aed839343d1a391c6529a7491f1c5c93 | |
| parent | Merge pull request #63141 from tokudan/release-19.03-znc173 (diff) | |
| download | nixpkgs-4683727693cf56e5f87f7e37dd9b8ea4291df958.tar.gz | |
dhcpcd: CVE-2019-11577 CVE-2019-11578 CVE-2019-11579 CVE-2019-11766
| -rw-r--r-- | pkgs/tools/networking/dhcpcd/default.nix | 40 |
1 files changed, 39 insertions, 1 deletions
diff --git a/pkgs/tools/networking/dhcpcd/default.nix b/pkgs/tools/networking/dhcpcd/default.nix index 04652ea868d0..cdf103c8ccd6 100644 --- a/pkgs/tools/networking/dhcpcd/default.nix +++ b/pkgs/tools/networking/dhcpcd/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkgconfig, udev, runtimeShellPackage, runtimeShell }: +{ stdenv, fetchurl, pkgconfig, udev, runtimeShellPackage, runtimeShell, fetchpatch }: stdenv.mkDerivation rec { # when updating this to >=7, check, see previous reverts: @@ -10,6 +10,44 @@ stdenv.mkDerivation rec { sha256 = "0h94g5nl9bg3x3qaajqaz6izl6mlvyjgp93nifnlfb7r7n3j8yd2"; }; + patches = [ + (fetchpatch { + url = "https://roy.marples.name/cgit/dhcpcd.git/patch/?id=8d11b33f6c60e2db257130fa383ba76b6018bcf6"; + name = "CVE-2019-11577.patch"; + sha256 = "1fivwydjr5ijnfbwfrqi65d4qa27nwmqsqc5fhzhfpq7xidslv47"; + }) + (fetchpatch { + url = "https://roy.marples.name/cgit/dhcpcd.git/patch/?id=7121040790b611ca3fbc400a1bbcd4364ef57233"; + name = "CVE-2019-11578-1.patch"; + sha256 = "01vhdly78sld8cgaxfc441hliqm097lzfc9mlyv6q8c869bi3mk4"; + }) + (fetchpatch { + url = "https://roy.marples.name/cgit/dhcpcd.git/patch/?id=aee631aadeef4283c8a749c1caf77823304acf5e"; + name = "CVE-2019-11578-2.patch"; + sha256 = "1ar1pmbbh47rd7rz66mdy640iwir4rspqczw2nfx2yjxx3s00j3k"; + }) + (fetchpatch { + url = "https://roy.marples.name/cgit/dhcpcd.git/patch/?id=cfde89ab66cb4e5957b1c4b68ad6a9449e2784da"; + name = "CVE-2019-11578-3.patch"; + sha256 = "0ibgjhh51fii9wg92nvvy431d3r7nms8anki1h2fjzyqcmidhzm9"; + }) + (fetchpatch { + url = "https://roy.marples.name/cgit/dhcpcd.git/patch/?id=4b67f6f1038fd4ad5ca7734eaaeba1b2ec4816b8"; + name = "CVE-2019-11579.patch"; + sha256 = "0ir2c2206hxxq33mkp6n8hn254w3idgap2i0fh5h5c4bp6yg286i"; + }) + (fetchpatch { + url = "https://roy.marples.name/cgit/dhcpcd.git/patch/?id=c1ebeaafeb324bac997984abdcee2d4e8b61a8a8"; + name = "CVE-2019-11766-1.patch"; + sha256 = "0ksph40jmpvlchgriq84yn7lkh84159is6k49sq3m3lv0acdg9w5"; + }) + (fetchpatch { + url = "https://roy.marples.name/cgit/dhcpcd.git/patch/?id=896ef4a54b0578985e5e1360b141593f1d62837b"; + name = "CVE-2019-11766-2.patch"; + sha256 = "1miycp2drz1g5knhn5kk104amrfjz8nfbk68si8ap1wk755p8xvx"; + }) + ]; + nativeBuildInputs = [ pkgconfig ]; buildInputs = [ udev |