mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-18 07:46:09 +01:00
Merge pull request #53896 from andir/openssh
openssh: apply CVE-2018-20685 patch
This commit is contained in:
commit
2013d86a5d
1 changed files with 9 additions and 0 deletions
|
@ -41,6 +41,15 @@ stdenv.mkDerivation rec {
|
|||
|
||||
# See discussion in https://github.com/NixOS/nixpkgs/pull/16966
|
||||
./dont_create_privsep_path.patch
|
||||
|
||||
# CVE-2018-20685, can probably be dropped with next version bump
|
||||
# See https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
|
||||
# for details
|
||||
(fetchpatch {
|
||||
name = "CVE-2018-20685.patch";
|
||||
url = https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2.patch;
|
||||
sha256 = "0q27i9ymr97yb628y44qi4m11hk5qikb1ji1vhvax8hp18lwskds";
|
||||
})
|
||||
]
|
||||
++ optional withGssapiPatches (assert withKerberos; gssapiPatch);
|
||||
|
||||
|
|
Loading…
Reference in a new issue