cgit: 1.1 -> 1.2.1

Fixes CVE-2018-14912.
This commit is contained in:
Bjørn Forsman 2018-08-09 00:57:46 +02:00
parent ce3e962031
commit 970d5ef198

View File

@ -6,19 +6,19 @@
stdenv.mkDerivation rec {
name = "cgit-${version}";
version = "1.1";
version = "1.2.1";
src = fetchurl {
url = "https://git.zx2c4.com/cgit/snapshot/${name}.tar.xz";
sha256 = "142qcgs8dwnzhymn0a7xx47p9fc2z5wrb86ah4a9iz0mpqlsz288";
sha256 = "1gw2j5xc5qdx2hwiwkr8h6kgya7v9d9ff9j32ga1dys0cca7qm1w";
};
# cgit is tightly coupled with git and needs a git source tree to build.
# IMPORTANT: Remember to check which git version cgit needs on every version
# bump (look for "GIT_VER" in the top-level Makefile).
gitSrc = fetchurl {
url = "mirror://kernel/software/scm/git/git-2.10.2.tar.xz";
sha256 = "0wc64dzcxrzgi6kwcljz6y3cwm3ajdgf6aws7g58azbhvl1jk04l";
url = "mirror://kernel/software/scm/git/git-2.18.0.tar.xz";
sha256 = "14hfwfkrci829a9316hnvkglnqqw1p03cw9k56p4fcb078wbwh4b";
};
nativeBuildInputs = [ pkgconfig ] ++ [ python wrapPython ];