JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #113929 from mweinelt/screen/cve-2021-26937

Browse Source 
screen: apply patch for CVE-2021-26937
This commit is contained in:
Martin Weinelt 2021-02-22 23:27:58 +01:00 committed by GitHub
commit 7b9655158e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pkgs/tools/misc/screen/default.nix
View File

@ -16,7 +16,14 @@ stdenv.mkDerivation rec {
"--enable-colors256" "--enable-colors256"
]; ];
patches = lib.optional stdenv.hostPlatform.isMusl patches = [
(fetchpatch {
# Fixes denial of services in encoding.c, remove > 4.8.0
name = "CVE-2021-26937.patch";
url = "https://salsa.debian.org/debian/screen/-/raw/master/debian/patches/99_CVE-2021-26937.patch";
sha256 = "05f3p1c7s83nccwkhmavjzgaysxnvq41c7jffs31ra65kcpabqy0";
})
] ++ lib.optional stdenv.hostPlatform.isMusl
(fetchpatch { (fetchpatch {
url = "https://gist.githubusercontent.com/yujinakayama/4608863/raw/76b9f89af5e5a2e97d9a0f36aac989fb56cf1447/gistfile1.diff"; url = "https://gist.githubusercontent.com/yujinakayama/4608863/raw/76b9f89af5e5a2e97d9a0f36aac989fb56cf1447/gistfile1.diff";
sha256 = "0f9bf83p8zdxaa1pr75jyf5g8xr3r8kv7cyzzbpraa1q4j15ss1p"; sha256 = "0f9bf83p8zdxaa1pr75jyf5g8xr3r8kv7cyzzbpraa1q4j15ss1p";