Merge pull request #105157 from mweinelt/libslirp
libslirp: fix CVE-2020-29129
This commit is contained in:
commit
3200eaef74
@ -100,6 +100,15 @@ stdenv.mkDerivation rec {
|
||||
})
|
||||
];
|
||||
|
||||
# Remove CVE-2020-{29129,29130} for QEMU >5.1.0
|
||||
postPatch = ''
|
||||
(cd slirp && patch -p1 < ${fetchpatch {
|
||||
name = "CVE-2020-29129_CVE-2020-29130.patch";
|
||||
url = "https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2e1dcbc0c2af64fcb17009eaf2ceedd81be2b27f.patch";
|
||||
sha256 = "01vbjqgnc0kp881l5p6b31cyyirhwhavm6x36hlgkymswvl3wh9w";
|
||||
}})
|
||||
'';
|
||||
|
||||
hardeningDisable = [ "stackprotector" ];
|
||||
|
||||
preConfigure = ''
|
||||
|
@ -1,5 +1,6 @@
|
||||
{ stdenv
|
||||
, fetchFromGitLab
|
||||
, fetchpatch
|
||||
, meson
|
||||
, ninja
|
||||
, pkg-config
|
||||
@ -18,6 +19,15 @@ stdenv.mkDerivation rec {
|
||||
sha256 = "0pzgjj2x2vrjshrzrl2x39xp5lgwg4b4y9vs8xvadh1ycl10v3fv";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# remove >4.3.1
|
||||
(fetchpatch {
|
||||
name = "CVE-2020-29129_CVE-2020-29130.patch";
|
||||
url = "https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2e1dcbc0c2af64fcb17009eaf2ceedd81be2b27f.patch";
|
||||
sha256 = "01vbjqgnc0kp881l5p6b31cyyirhwhavm6x36hlgkymswvl3wh9w";
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ meson ninja pkg-config ];
|
||||
|
||||
buildInputs = [ glib ];
|
||||
|
Loading…
Reference in New Issue
Block a user