cifs-utils: 6.14 -> 6.15

https://lists.samba.org/archive/samba-technical/2022-April/137335.html
This commit is contained in:
Thomas Gerbet 2022-05-22 19:21:22 +02:00
parent 88d05579ad
commit 6322d6be3a

View File

@ -1,31 +1,15 @@
{ stdenv, lib, fetchurl, fetchpatch, autoreconfHook, docutils, pkg-config
{ stdenv, lib, fetchurl, autoreconfHook, docutils, pkg-config
, libkrb5, keyutils, pam, talloc, python3 }:
stdenv.mkDerivation rec {
pname = "cifs-utils";
version = "6.14";
version = "6.15";
src = fetchurl {
url = "mirror://samba/pub/linux-cifs/cifs-utils/${pname}-${version}.tar.bz2";
sha256 = "sha256-ZgnoB0tUISlf8BKjHwLM2aBYQVxhnIE2Lrt4jb8HVrg=";
sha256 = "sha256-p7aUDpMlDBZ2pvpmturZG3jNQ6X+6ZzEYkWci5zx5vQ=";
};
patches = [
(fetchpatch {
# Fix buffer-overflow in handling of ip= parameter in mount.cifs
# https://www.openwall.com/lists/oss-security/2022/04/27/5
name = "CVE-2022-27239.patch";
url = "https://github.com/piastry/cifs-utils/commit/007c07fd91b6d42f8bd45187cf78ebb06801139d.patch";
sha256 = "sha256-3uoHso2q17r2bcEW+ZjYUWsW4OIGYA7kxYZxQQy0JOg=";
})
(fetchpatch {
# Fix disclosure of invalid credential configuration in verbose mode
name = "CVE-2022-29869.patch";
url = "https://github.com/piastry/cifs-utils/commit/8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379.patch";
sha256 = "sha256-MjfreeL1ME550EYK9LPOUAAjIk1BoMGfb+pQe3A1bz8=";
})
];
nativeBuildInputs = [ autoreconfHook docutils pkg-config ];
buildInputs = [ libkrb5 keyutils pam talloc python3 ];