shellinabox: fix CVE-2018-16789

(#72620)
This commit is contained in:
Renaud 2019-11-03 16:44:17 +01:00 committed by GitHub
parent 7153c484cd
commit 73523e026e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, autoreconfHook, pam, openssl, openssh, shadow, makeWrapper }:
{ stdenv, fetchFromGitHub, fetchpatch, autoreconfHook, pam, openssl, openssh, shadow, makeWrapper }:
stdenv.mkDerivation rec {
version = "2.20";
@ -11,10 +11,17 @@ stdenv.mkDerivation rec {
sha256 = "1hmfayh21cks2lyj572944ll0mmgsxbnj981b3hq3nhdg8ywzjfr";
};
patches = [ ./shellinabox-minus.patch ];
patches = [
./shellinabox-minus.patch
(fetchpatch {
name = "CVE-2018-16789.patch";
url = "https://github.com/shellinabox/shellinabox/commit/4f0ecc31ac6f985e0dd3f5a52cbfc0e9251f6361.patch";
sha256 = "1mpm6acxdb0fms9pa2b88fx6hp07ph87ahxi82yyqj2m7p79jx7a";
})
];
nativeBuildInputs = [ autoreconfHook ];
buildInputs = [ pam openssl openssh makeWrapper ];
nativeBuildInputs = [ autoreconfHook makeWrapper ];
buildInputs = [ pam openssl openssh ];
# Disable GSSAPIAuthentication errors. Also, paths in certain source files are
# hardcoded. Replace the hardcoded paths with correct paths.