Merge pull request #105157 from mweinelt/libslirp

libslirp: fix CVE-2020-29129
This commit is contained in:
Martin Weinelt 2020-11-30 15:56:09 +01:00 committed by GitHub
commit 3200eaef74
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 19 additions and 0 deletions

View File

@ -100,6 +100,15 @@ stdenv.mkDerivation rec {
})
];
# Remove CVE-2020-{29129,29130} for QEMU >5.1.0
postPatch = ''
(cd slirp && patch -p1 < ${fetchpatch {
name = "CVE-2020-29129_CVE-2020-29130.patch";
url = "https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2e1dcbc0c2af64fcb17009eaf2ceedd81be2b27f.patch";
sha256 = "01vbjqgnc0kp881l5p6b31cyyirhwhavm6x36hlgkymswvl3wh9w";
}})
'';
hardeningDisable = [ "stackprotector" ];
preConfigure = ''

View File

@ -1,5 +1,6 @@
{ stdenv
, fetchFromGitLab
, fetchpatch
, meson
, ninja
, pkg-config
@ -18,6 +19,15 @@ stdenv.mkDerivation rec {
sha256 = "0pzgjj2x2vrjshrzrl2x39xp5lgwg4b4y9vs8xvadh1ycl10v3fv";
};
patches = [
# remove >4.3.1
(fetchpatch {
name = "CVE-2020-29129_CVE-2020-29130.patch";
url = "https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2e1dcbc0c2af64fcb17009eaf2ceedd81be2b27f.patch";
sha256 = "01vbjqgnc0kp881l5p6b31cyyirhwhavm6x36hlgkymswvl3wh9w";
})
];
nativeBuildInputs = [ meson ninja pkg-config ];
buildInputs = [ glib ];