93b523d030
Fixes: CVE-2018-12435: requires >= 2.7.0 (NVD extry is incorrect) "Bug introduced in 2.5.0, fixed in 2.7.0. The 1.10 branch is not affected." A side channel in the ECDSA signature operation could allow a local attacker to recover the secret key. CVE-2018-20187: requires >= 2.9.0 "Introduced in 1.11.20, fixed in 2.8.0." A timing side channel during ECC key generation could leak information about the high bits of the secret scalar. Such information allows an attacker to perform a brute force attack on the key somewhat more efficiently than they would otherwise.
11 lines
281 B
Nix
11 lines
281 B
Nix
{ callPackage, ... } @ args:
|
|
|
|
callPackage ./generic.nix (args // {
|
|
baseVersion = "2.9";
|
|
revision = "0";
|
|
sha256 = "06fiyalvc68p11qqh953azx2vrbav5vr00yvcfp67p9l4csn8m9h";
|
|
postPatch = ''
|
|
sed -e 's@lang_flags "@&--std=c++11 @' -i src/build-data/cc/{gcc,clang}.txt
|
|
'';
|
|
})
|