lightdm-gtk-greter: fix CVE-2014-0979 by upstream patch

2014-02-06 21:55:22 +01:00 · 2014-02-06 21:55:22 +01:00 · 2ceb44b9a9
commit 2ceb44b9a9
parent 72740390d7
1 changed files with 7 additions and 1 deletions
--- a/pkgs/applications/display-managers/lightdm-gtk-greeter/default.nix
+++ b/pkgs/applications/display-managers/lightdm-gtk-greeter/default.nix
@ -20,7 +20,13 @@ stdenv.mkDerivation rec {
    sha256 = "1nb8ljrbrp1zga083g3b633xi3izxxm4jipw1qgial1x16mqc0hz";
  };

-  patches = [ ./lightdm-gtk-greeter.patch ];
+  patches = [
+    ./lightdm-gtk-greeter.patch
+    (fetchurl { # CVE-2014-0979, https://bugs.launchpad.net/lightdm-gtk-greeter/+bug/1266449
+      url = "https://launchpadlibrarian.net/161796033/07_fix-NULL-username.patch";
+      sha256 = "1sqkhsz1z10k6vlmlrqrfx452lznv30885fmnzc73p2zxdlw9q1a";
+    })
+  ];
  patchFlags = "-p1";

  buildInputs = [ pkgconfig lightdm intltool ]