squid: fix CVE-2018-1000024 & CVE-2018-1000027
This commit is contained in:
parent
291b05ee21
commit
ea817d7b6f
@ -1,4 +1,4 @@
|
|||||||
{ stdenv, fetchurl, perl, openldap, pam, db, cyrus_sasl, libcap
|
{ stdenv, fetchurl, fetchpatch, perl, openldap, pam, db, cyrus_sasl, libcap
|
||||||
, expat, libxml2, openssl }:
|
, expat, libxml2, openssl }:
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
@ -13,6 +13,19 @@ stdenv.mkDerivation rec {
|
|||||||
perl openldap db cyrus_sasl expat libxml2 openssl
|
perl openldap db cyrus_sasl expat libxml2 openssl
|
||||||
] ++ stdenv.lib.optionals stdenv.isLinux [ libcap pam ];
|
] ++ stdenv.lib.optionals stdenv.isLinux [ libcap pam ];
|
||||||
|
|
||||||
|
patches = [
|
||||||
|
(fetchpatch {
|
||||||
|
name = "CVE-2018-1000024.patch";
|
||||||
|
url = http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_1.patch;
|
||||||
|
sha256 = "0vzxr4rmybz0w4c1hi3szvqawbzl4r4b8wyvq9vgq1mzkk5invpg";
|
||||||
|
})
|
||||||
|
(fetchpatch {
|
||||||
|
name = "CVE-2018-1000027.patch";
|
||||||
|
url = http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_2.patch;
|
||||||
|
sha256 = "1a8hwk9z7h1j0c57anfzp3bwjd4pjbyh8aks4ca79nwz4d0y6wf3";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
configureFlags = [
|
configureFlags = [
|
||||||
"--enable-ipv6"
|
"--enable-ipv6"
|
||||||
"--disable-strict-error-checking"
|
"--disable-strict-error-checking"
|
||||||
|
Loading…
Reference in New Issue
Block a user