Merge pull request #67550 from mmahut/CVE-2018-20852

python2: CVE-2018-20852 forwarding to master
2019-08-27 08:33:46 +00:00 · 2019-08-27 08:33:46 +00:00 · c41f88198d
commit c41f88198d
parent 4461fc2ce4 ee62ec62ec
1 changed files with 6 additions and 0 deletions
--- a/pkgs/development/interpreters/python/cpython/2.7/default.nix
+++ b/pkgs/development/interpreters/python/cpython/2.7/default.nix
@ -79,6 +79,12 @@ let
        sha256 = "0l9rw6r5r90iybdkp3hhl2pf0h0s1izc68h5d3ywrm92pq32wz57";
      })

+      (fetchpatch {
+        url = "https://github.com/python/cpython/commit/979daae300916adb399ab5b51410b6ebd0888f13.patch";
+        name = "CVE-2018-20852.patch";
+        sha256 = "0p838ycssd6abxzby69rhngjqqm59cmlp07910mpjx7lmsz049pb";
+      })
+
      # Fix race-condition during pyc creation. Has a slight backwards
      # incompatible effect: pyc symlinks will now be overridden
      # (https://bugs.python.org/issue17222). Included in python >= 3.4,