JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #105157 from mweinelt/libslirp

Browse Source 
libslirp: fix CVE-2020-29129
This commit is contained in:
Martin Weinelt 2020-11-30 15:56:09 +01:00 committed by GitHub
commit 3200eaef74
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pkgs/applications/virtualization/qemu/default.nix
View File

@ -100,6 +100,15 @@ stdenv.mkDerivation rec {
}) })
]; ];
# Remove CVE-2020-{29129,29130} for QEMU >5.1.0
postPatch = ''
(cd slirp && patch -p1 < ${fetchpatch {
name = "CVE-2020-29129_CVE-2020-29130.patch";
url = "https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2e1dcbc0c2af64fcb17009eaf2ceedd81be2b27f.patch";
sha256 = "01vbjqgnc0kp881l5p6b31cyyirhwhavm6x36hlgkymswvl3wh9w";
}})
'';
hardeningDisable = [ "stackprotector" ]; hardeningDisable = [ "stackprotector" ];
preConfigure = '' preConfigure = ''

10
pkgs/development/libraries/libslirp/default.nix
View File

@ -1,5 +1,6 @@
{ stdenv { stdenv
, fetchFromGitLab , fetchFromGitLab
, fetchpatch
, meson , meson
, ninja , ninja
, pkg-config , pkg-config
@ -18,6 +19,15 @@ stdenv.mkDerivation rec {
sha256 = "0pzgjj2x2vrjshrzrl2x39xp5lgwg4b4y9vs8xvadh1ycl10v3fv"; sha256 = "0pzgjj2x2vrjshrzrl2x39xp5lgwg4b4y9vs8xvadh1ycl10v3fv";
}; };
patches = [
# remove >4.3.1
(fetchpatch {
name = "CVE-2020-29129_CVE-2020-29130.patch";
url = "https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2e1dcbc0c2af64fcb17009eaf2ceedd81be2b27f.patch";
sha256 = "01vbjqgnc0kp881l5p6b31cyyirhwhavm6x36hlgkymswvl3wh9w";
})
];
nativeBuildInputs = [ meson ninja pkg-config ]; nativeBuildInputs = [ meson ninja pkg-config ];
buildInputs = [ glib ]; buildInputs = [ glib ];