d0c8c66068
This patch is based on the work of the patch from Thorsten Glaser (MirBSD) [1] [1] http://www.mirbsd.org/cvs.cgi/src/gnu/usr.bin/cvs/src/rsh-client.c.diff?r1=1.6;r2=1.7
35 lines
759 B
Nix
35 lines
759 B
Nix
{ stdenv, fetchurl, nano }:
|
|
|
|
stdenv.mkDerivation {
|
|
name = "cvs-1.12.13";
|
|
|
|
src = fetchurl {
|
|
url = mirror://savannah/cvs/source/feature/1.12.13/cvs-1.12.13.tar.bz2;
|
|
sha256 = "0pjir8cwn0087mxszzbsi1gyfc6373vif96cw4q3m1x6p49kd1bq";
|
|
};
|
|
|
|
patches = [
|
|
./getcwd-chroot.patch
|
|
./CVE-2012-0804.patch
|
|
./CVE-2017-12836.patch
|
|
];
|
|
|
|
hardeningDisable = [ "fortify" "format" ];
|
|
|
|
preConfigure = ''
|
|
# Apply the Debian patches.
|
|
for p in "debian/patches/"*; do
|
|
echo "applying \`$p' ..."
|
|
patch --verbose -p1 < "$p"
|
|
done
|
|
'';
|
|
|
|
buildInputs = [ nano ];
|
|
|
|
meta = {
|
|
homepage = http://cvs.nongnu.org;
|
|
description = "Concurrent Versions System - a source control system";
|
|
platforms = stdenv.lib.platforms.all;
|
|
};
|
|
}
|