less: Apply patch for CVE-2022-46663

https://www.openwall.com/lists/oss-security/2023/02/07/7
2023-02-08 01:55:47 +01:00 · 2023-02-08 01:55:47 +01:00 · 5277b187cc
commit 5277b187cc
parent 505dac8a8c
1 changed files with 10 additions and 1 deletions
--- a/pkgs/tools/misc/less/default.nix
+++ b/pkgs/tools/misc/less/default.nix
@ -1,4 +1,4 @@
-{ lib, stdenv, fetchurl, ncurses, lessSecure ? false }:
+{ lib, stdenv, fetchurl, fetchpatch, ncurses, lessSecure ? false }:

 stdenv.mkDerivation rec {
  pname = "less";
@ -9,6 +9,15 @@ stdenv.mkDerivation rec {
    sha256 = "02f2d9d6hyf03va28ip620gjc6rf4aikmdyk47h7frqj18pbx6m6";
  };

+  patches = [
+    (fetchpatch {
+      # https://github.com/advisories/GHSA-5xw7-xf7p-gm82
+      name = "CVE-2022-46663.patch";
+      url = "https://github.com/gwsw/less/commit/a78e1351113cef564d790a730d657a321624d79c.patch";
+      hash = "sha256-gWgCzoMt1WyVJVKYzkMq8HfaTlU1XUtC8fvNFUQT0sI=";
+    })
+  ];
+
  configureFlags = [ "--sysconfdir=/etc" ] # Look for ‘sysless’ in /etc.
    ++ lib.optionals lessSecure [ "--with-secure" ];