libslirp: fix CVE-2020-29129, CVE-2020-29130
Fixes out-of-bounds access while processing ARP/NCSI packets. Fixes: CVE-2020-29129, CVE-2020-29130
This commit is contained in:
parent
f4c44e6314
commit
984271bde3
@ -1,5 +1,6 @@
|
||||
{ stdenv
|
||||
, fetchFromGitLab
|
||||
, fetchpatch
|
||||
, meson
|
||||
, ninja
|
||||
, pkg-config
|
||||
@ -18,6 +19,15 @@ stdenv.mkDerivation rec {
|
||||
sha256 = "0pzgjj2x2vrjshrzrl2x39xp5lgwg4b4y9vs8xvadh1ycl10v3fv";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# remove >4.3.1
|
||||
(fetchpatch {
|
||||
name = "CVE-2020-29129_CVE-2020-29130.patch";
|
||||
url = "https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2e1dcbc0c2af64fcb17009eaf2ceedd81be2b27f.patch";
|
||||
sha256 = "01vbjqgnc0kp881l5p6b31cyyirhwhavm6x36hlgkymswvl3wh9w";
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ meson ninja pkg-config ];
|
||||
|
||||
buildInputs = [ glib ];
|
||||
|
Loading…
Reference in New Issue
Block a user