pythonPackages.pycrypto: add patch to fix CVE-2013-7459

cc #21642
2017-01-05 06:40:43 +01:00 · 2017-01-05 06:40:43 +01:00 · fe9373460c
commit fe9373460c
parent 15f46d60ac
1 changed files with 9 additions and 1 deletions
--- a/pkgs/development/python-modules/pycrypto/default.nix
+++ b/pkgs/development/python-modules/pycrypto/default.nix
@ -1,4 +1,4 @@
-{ stdenv, fetchurl, python, buildPythonPackage, gmp }:
+{ stdenv, fetchurl, fetchpatch, python, buildPythonPackage, gmp }:

 buildPythonPackage rec {
  name = "pycrypto-2.6.1";
@ -9,6 +9,14 @@ buildPythonPackage rec {
    sha256 = "0g0ayql5b9mkjam8hym6zyg6bv77lbh66rv1fyvgqb17kfc1xkpj";
  };

+  patches = [
+    (fetchpatch {
+      name = "CVE-2013-7459.patch";
+      url = "https://anonscm.debian.org/cgit/collab-maint/python-crypto.git/plain/debian/patches/CVE-2013-7459.patch?h=debian/2.6.1-7";
+      sha256 = "01r7aghnchc1bpxgdv58qyi2085gh34bxini973xhy3ks7fq3ir9";
+    })
+  ];
+
  preConfigure = ''
    sed -i 's,/usr/include,/no-such-dir,' configure
    sed -i "s!,'/usr/include/'!!" setup.py