diff --git a/pkgs/os-specific/linux/cifs-utils/default.nix b/pkgs/os-specific/linux/cifs-utils/default.nix index e4635a915efb..ba790f2eaca4 100644 --- a/pkgs/os-specific/linux/cifs-utils/default.nix +++ b/pkgs/os-specific/linux/cifs-utils/default.nix @@ -1,31 +1,15 @@ -{ stdenv, lib, fetchurl, fetchpatch, autoreconfHook, docutils, pkg-config +{ stdenv, lib, fetchurl, autoreconfHook, docutils, pkg-config , libkrb5, keyutils, pam, talloc, python3 }: stdenv.mkDerivation rec { pname = "cifs-utils"; - version = "6.14"; + version = "6.15"; src = fetchurl { url = "mirror://samba/pub/linux-cifs/cifs-utils/${pname}-${version}.tar.bz2"; - sha256 = "sha256-ZgnoB0tUISlf8BKjHwLM2aBYQVxhnIE2Lrt4jb8HVrg="; + sha256 = "sha256-p7aUDpMlDBZ2pvpmturZG3jNQ6X+6ZzEYkWci5zx5vQ="; }; - patches = [ - (fetchpatch { - # Fix buffer-overflow in handling of ip= parameter in mount.cifs - # https://www.openwall.com/lists/oss-security/2022/04/27/5 - name = "CVE-2022-27239.patch"; - url = "https://github.com/piastry/cifs-utils/commit/007c07fd91b6d42f8bd45187cf78ebb06801139d.patch"; - sha256 = "sha256-3uoHso2q17r2bcEW+ZjYUWsW4OIGYA7kxYZxQQy0JOg="; - }) - (fetchpatch { - # Fix disclosure of invalid credential configuration in verbose mode - name = "CVE-2022-29869.patch"; - url = "https://github.com/piastry/cifs-utils/commit/8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379.patch"; - sha256 = "sha256-MjfreeL1ME550EYK9LPOUAAjIk1BoMGfb+pQe3A1bz8="; - }) - ]; - nativeBuildInputs = [ autoreconfHook docutils pkg-config ]; buildInputs = [ libkrb5 keyutils pam talloc python3 ];