From 72d2cd3208e8e293f7addb115f001405f6aee74c Mon Sep 17 00:00:00 2001
From: Robert Scott <code@humanleg.org.uk>
Date: Sat, 3 Sep 2022 12:32:49 +0100
Subject: [PATCH] inetutils: add patch for CVE-2022-39028

---
 pkgs/tools/networking/inetutils/default.nix | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/pkgs/tools/networking/inetutils/default.nix b/pkgs/tools/networking/inetutils/default.nix
index fb5e2aad5cce..c6362f544691 100644
--- a/pkgs/tools/networking/inetutils/default.nix
+++ b/pkgs/tools/networking/inetutils/default.nix
@@ -1,5 +1,5 @@
 { stdenv, lib, fetchurl, ncurses, perl, help2man
-, apparmorRulesFromClosure
+, apparmorRulesFromClosure, fetchpatch
 }:
 
 stdenv.mkDerivation rec {
@@ -16,6 +16,11 @@ stdenv.mkDerivation rec {
   patches = [
     # https://git.congatec.com/yocto/meta-openembedded/commit/3402bfac6b595c622e4590a8ff5eaaa854e2a2a3
     ./inetutils-1_9-PATH_PROCNET_DEV.patch
+    (fetchpatch {
+      name = "CVE-2022-39028.patch";
+      url = "https://sources.debian.org/data/main/i/inetutils/2%3A2.3-5/debian/patches/inetutils-telnetd-EC_EL_null_deref.patch";
+      sha256 = "sha256-NYNDbEk3q3EhQdJaR12JBbnjJIRRpOcKLBF/EJJPiGU=";
+    })
   ];
 
   nativeBuildInputs = [ help2man perl /* for `whois' */ ];