MirrorHub/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-16 23:03:40 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

apacheHttpd: fix CVE-2017-9798 (Optionsbleed)

Browse source 
https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
This commit is contained in:
Franz Pletz 2017-09-18 16:01:22 +02:00
parent 2f9cb45bd4
commit c9d11b8a1d
No known key found for this signature in database
GPG key ID: 846FDED7792617B4
1 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
pkgs/servers/http/apache-httpd/2.4.nix
View file

@ -5,6 +5,7 @@
, ldapSupport ? true, openldap
, libxml2Support ? true, libxml2
, luaSupport ? false, lua5
, fetchpatch
}:
let optional = stdenv.lib.optional;
@ -35,10 +36,19 @@ stdenv.mkDerivation rec {
optional http2Support nghttp2 ++
optional stdenv.isDarwin libiconv;
patchPhase = ''
prePatch = ''
sed -i config.layout -e "s|installbuilddir:.*|installbuilddir: $dev/share/build|"
'';
patches = [
(fetchpatch {
name = "CVE-2017-9798.patch";
url = "https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch";
sha256 = "00hbq5szgav91kwsc30jdjvgd3vbgm8n198yna8bcs33p434v25k";
stripLen = 3;
})
];
# Required for pthread_cancel.
NIX_LDFLAGS = stdenv.lib.optionalString (!stdenv.isDarwin) "-lgcc_s";