JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
48e9738895
nixpkgs/pkgs/tools/text/gnupatch/default.nix
Pierre Bourdon 63905a7b6f gnupatch: rename patch files to match their CVE ids. 
This should be a behavior no-op, but it helps vulnix figure out that we
are up to date regarding security patches.
2019-10-22 09:48:12 +02:00

62 lines
2.0 KiB
Nix
Raw Blame History

{ stdenv, fetchurl
, ed, autoreconfHook
}:
stdenv.mkDerivation rec {
name = "patch-2.7.6";
src = fetchurl {
url = "mirror://gnu/patch/${name}.tar.xz";
sha256 = "1zfqy4rdcy279vwn2z1kbv19dcfw25d2aqy9nzvdkq5bjzd0nqdc";
};
patches = [
# https://git.savannah.gnu.org/cgit/patch.git/patch/?id=f290f48a621867084884bfff87f8093c15195e6a
./CVE-2018-6951.patch
(fetchurl {
url = https://git.savannah.gnu.org/cgit/patch.git/patch/?id=b5a91a01e5d0897facdd0f49d64b76b0f02b43e1;
name = "Allow_input_files_to_be_missing_for_ed-style_patches.patch";
sha256 = "0iw0lk0yhnhvfjzal48ij6zdr92mgb84jq7fwryy1hdhi47hhq64";
})
(fetchurl {
url = https://git.savannah.gnu.org/cgit/patch.git/patch/?id=123eaff0d5d1aebe128295959435b9ca5909c26d;
name = "CVE-2018-1000156.patch";
sha256 = "1bpy16n3hm5nv9xkrn6c4wglzsdzj3ss1biq16w9kfv48p4hx2vg";
})
# https://git.savannah.gnu.org/cgit/patch.git/commit/?id=9c986353e420ead6e706262bf204d6e03322c300
./CVE-2018-6952.patch
# https://git.savannah.gnu.org/cgit/patch.git/patch/?id=dce4683cbbe107a95f1f0d45fabc304acfb5d71a
./CVE-2019-13636.patch
# https://git.savannah.gnu.org/cgit/patch.git/patch/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0
./CVE-2019-13638-and-CVE-2018-20969.patch
];
nativeBuildInputs = [ autoreconfHook ];
configureFlags = stdenv.lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
"ac_cv_func_strnlen_working=yes"
];
doCheck = stdenv.hostPlatform.libc != "musl"; # not cross;
checkInputs = [ed];
meta = {
description = "GNU Patch, a program to apply differences to files";
longDescription =
'' GNU Patch takes a patch file containing a difference listing
produced by the diff program and applies those differences to one or
more original files, producing patched versions.
'';
homepage = https://savannah.gnu.org/projects/patch;
license = stdenv.lib.licenses.gpl3Plus;
maintainers = [ ];
platforms = stdenv.lib.platforms.all;
};
}
Reference in New Issue View Git Blame Copy Permalink