Merge pull request #33873 from andir/transmission-dns-rebinding-rce

transmission: fix RCE via dns rebinding attach
This commit is contained in:
Andreas Rammhold 2018-01-14 23:53:59 +00:00 committed by GitHub
commit 87947ca8de
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1,4 +1,4 @@
{ stdenv, fetchurl, pkgconfig, intltool, file, wrapGAppsHook
{ stdenv, fetchurl, fetchpatch, pkgconfig, intltool, file, wrapGAppsHook
, openssl, curl, libevent, inotify-tools, systemd, zlib
, enableGTK3 ? false, gtk3
, enableSystemd ? stdenv.isLinux
@ -27,6 +27,16 @@ stdenv.mkDerivation rec {
++ optionals enableSystemd [ systemd ]
++ optionals stdenv.isLinux [ inotify-tools ];
patches = [
(fetchpatch {
# See https://github.com/transmission/transmission/pull/468
# Patch from: https://github.com/transmission/transmission/pull/468#issuecomment-357098126
name = "transmission-fix-dns-rebinding-vuln.patch";
url = https://github.com/transmission/transmission/files/1624507/transmission-fix-dns-rebinding-vuln.patch.txt;
sha256 = "1p9m20kp4kdyp5jjr3yp5px627n8cfa29mg5n3wzsdfv0qzk9gy4";
})
];
postPatch = ''
substituteInPlace ./configure \
--replace "libsystemd-daemon" "libsystemd" \