Merge pull request #65197 from andir/libarchive

libarchive: 3.3.3 -> 3.4.0
This commit is contained in:
Robin Gloster 2019-07-22 17:39:07 +00:00 committed by GitHub
commit 4f0e37c93d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1,5 +1,5 @@
{
fetchurl, fetchpatch, stdenv, pkgconfig,
fetchFromGitHub, stdenv, pkgconfig, autoreconfHook,
acl, attr, bzip2, e2fsprogs, libxml2, lzo, openssl, sharutils, xz, zlib,
# Optional but increases closure only negligibly.
@ -10,31 +10,18 @@ assert xarSupport -> libxml2 != null;
stdenv.mkDerivation rec {
name = "libarchive-${version}";
version = "3.3.3";
version = "3.4.0";
src = fetchurl {
url = "${meta.homepage}/downloads/${name}.tar.gz";
sha256 = "0bhfncid058p7n1n8v29l6wxm3mhdqfassscihbsxfwz3iwb2zms";
src = fetchFromGitHub {
owner = "libarchive";
repo = "libarchive";
rev = "v${version}";
sha256 = "063f5bw9qmksj3iy6094qxwawx174cx00q1fg6l698wqw7xn8ihq";
};
patches = [
(fetchpatch {
# details: https://github.com/libarchive/libarchive/pull/1105
name = "cve-2018-1000877.diff"; # CVE-2018-1000877..80
url = "https://github.com/libarchive/libarchive/pull/1105.diff";
sha256 = "0mxcawfdy9m40mykzwhkl39a6vnh4ypgy0ipcz74qm4bi72x0gyf";
})
(fetchpatch {
# details: https://github.com/libarchive/libarchive/pull/1120
name = "cve-2019-1000019_cve-2019-1000020.diff";
url = "https://github.com/libarchive/libarchive/pull/1120.diff";
sha256 = "1mgx92v8hm7hw9j34nbfriqfkxshh3cy25rhavr7kl7lz4x5a6g4";
})
];
outputs = [ "out" "lib" "dev" ];
nativeBuildInputs = [ pkgconfig ];
nativeBuildInputs = [ pkgconfig autoreconfHook ];
buildInputs = [ sharutils zlib bzip2 openssl xz lzo ]
++ stdenv.lib.optionals stdenv.isLinux [ e2fsprogs attr acl ]
++ stdenv.lib.optional xarSupport libxml2;