mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-16 14:54:29 +01:00
* Security fix for CVE-2007-5191.
svn path=/nixpkgs/trunk/; revision=12417
This commit is contained in:
parent
c32f7569dc
commit
874804eb04
1 changed files with 14 additions and 7 deletions
|
@ -1,4 +1,4 @@
|
||||||
args: with args;
|
{stdenv, fetchurl, ncurses ? null}:
|
||||||
|
|
||||||
stdenv.mkDerivation {
|
stdenv.mkDerivation {
|
||||||
name = "util-linux-2.13-pre7";
|
name = "util-linux-2.13-pre7";
|
||||||
|
@ -7,16 +7,23 @@ stdenv.mkDerivation {
|
||||||
url = mirror://kernel/linux/utils/util-linux/testing/util-linux-2.13-pre7.tar.bz2;
|
url = mirror://kernel/linux/utils/util-linux/testing/util-linux-2.13-pre7.tar.bz2;
|
||||||
md5 = "13cdf4b76533e8421dc49de188f85291";
|
md5 = "13cdf4b76533e8421dc49de188f85291";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
patches = [
|
||||||
|
# Fix for a local root exploit via mount/umount
|
||||||
|
# (http://www.gentoo.org/security/en/glsa/glsa-200710-18.xml).
|
||||||
|
(fetchurl {
|
||||||
|
url = "http://sources.gentoo.org/viewcvs.py/*checkout*/gentoo-x86/sys-apps/util-linux/files/util-linux-2.13-setuid-checks.patch?rev=1.1";
|
||||||
|
sha256 = "02ky7ljzqpx8ii3dfmjydw8nnhshpw2inwh6w1vqllz8mhn81jdf";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
configureFlags = "--disable-use-tty-group";
|
configureFlags = "--disable-use-tty-group";
|
||||||
|
|
||||||
buildInputs = []
|
buildInputs = stdenv.lib.optional (ncurses != null) ncurses;
|
||||||
++ (if args ? ncurses then [args.ncurses] else [])
|
|
||||||
;
|
|
||||||
|
|
||||||
preBuild = "
|
preBuild = ''
|
||||||
makeFlagsArray=(usrbinexecdir=$out/bin usrsbinexecdir=$out/sbin datadir=$out/share exampledir=$out/share/getopt)
|
makeFlagsArray=(usrbinexecdir=$out/bin usrsbinexecdir=$out/sbin datadir=$out/share exampledir=$out/share/getopt)
|
||||||
";
|
'';
|
||||||
|
|
||||||
# Hack to get static builds to work.
|
# Hack to get static builds to work.
|
||||||
NIX_CFLAGS_COMPILE = "-DHAVE___PROGNAME=1";
|
NIX_CFLAGS_COMPILE = "-DHAVE___PROGNAME=1";
|
||||||
|
|
Loading…
Reference in a new issue