Merge pull request #31909 from andir/clamav

clamav: apply patch for CVE-2017-6420
2017-11-22 08:20:03 +00:00 · 2017-11-22 08:20:03 +00:00 · 98d12e681c
commit 98d12e681c
parent 565d92a10f f01acd4cd5
1 changed files with 9 additions and 1 deletions
--- a/pkgs/tools/security/clamav/default.nix
+++ b/pkgs/tools/security/clamav/default.nix
@ -1,4 +1,4 @@
-{ stdenv, fetchurl, zlib, bzip2, libiconv, libxml2, openssl, ncurses, curl
+{ stdenv, fetchurl, fetchpatch, zlib, bzip2, libiconv, libxml2, openssl, ncurses, curl
 , libmilter, pcre }:

 stdenv.mkDerivation rec {
@ -10,6 +10,14 @@ stdenv.mkDerivation rec {
    sha256 = "0yh2q318bnmf2152g2h1yvzgqbswn0wvbzb8p4kf7v057shxcyqn";
  };

+  patches = [
+    (fetchpatch {
+      name = "CVE-2017-6420.patch";
+      url = "https://github.com/vrtadmin/clamav-devel/commit/dfc00cd3301a42b571454b51a6102eecf58407bc.patch";
+      sha256 = "08w3p3a4pmi0cmcmyxkagsbn3g0jgx1jqlc34pn141x0qzrlqr60";
+    })
+  ];
+
  # don't install sample config files into the absolute sysconfdir folder
  postPatch = ''
    substituteInPlace Makefile.in --replace ' etc ' ' '