patch: Fix CVE-2018-1000156

This commit is contained in:
Tim Steinbach 2018-08-05 16:02:57 -04:00
parent 71680eb127
commit f0814ec049
No known key found for this signature in database
GPG Key ID: 472BFCCA96BD0EDA

View File

@ -1,5 +1,5 @@
{ stdenv, fetchurl
, ed
, ed, autoreconfHook
, buildPlatform, hostPlatform
}:
@ -14,9 +14,18 @@ stdenv.mkDerivation rec {
patches = [
# https://git.savannah.gnu.org/cgit/patch.git/patch/?id=f290f48a621867084884bfff87f8093c15195e6a
./CVE-2018-6951.patch
(fetchurl {
url = https://sources.debian.org/data/main/p/patch/2.7.6-2/debian/patches/Allow_input_files_to_be_missing_for_ed-style_patches.patch;
sha256 = "0iw0lk0yhnhvfjzal48ij6zdr92mgb84jq7fwryy1hdhi47hhq64";
})
(fetchurl { # CVE-2018-1000156
url = https://sources.debian.org/data/main/p/patch/2.7.6-2/debian/patches/Fix_arbitrary_command_execution_in_ed-style_patches.patch;
sha256 = "1bpy16n3hm5nv9xkrn6c4wglzsdzj3ss1biq16w9kfv48p4hx2vg";
})
];
buildInputs = stdenv.lib.optional doCheck ed;
nativeBuildInputs = [ autoreconfHook ];
configureFlags = stdenv.lib.optionals (hostPlatform != buildPlatform) [
"ac_cv_func_strnlen_working=yes"