MirrorHub/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-17 07:13:23 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

p7zip: fix two CVEs

Browse source
This commit is contained in:
Daniel Frank 2020-05-01 14:25:42 +02:00
parent 9d11b73c33
commit dd16c3944c
No known key found for this signature in database
GPG key ID: 063CCCAD04182D32
1 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
pkgs/tools/archivers/p7zip/default.nix
View file

@ -1,4 +1,4 @@
{ stdenv, fetchurl, lib, enableUnfree ? false }:
{ stdenv, fetchurl, fetchpatch, lib, enableUnfree ? false }:
stdenv.mkDerivation rec {
pname = "p7zip";
@ -12,6 +12,14 @@ stdenv.mkDerivation rec {
patches = [
./12-CVE-2016-9296.patch
./13-CVE-2017-17969.patch
(fetchpatch {
url = "https://raw.githubusercontent.com/termux/termux-packages/master/packages/p7zip/3-CVE-2018-5996.patch";
sha256 = "1zivvkazmza0653i498ccp3zbpbpc7dvxl3zxwllbx41b6n589yp";
})
(fetchpatch {
url = "https://raw.githubusercontent.com/termux/termux-packages/master/packages/p7zip/4-CVE-2018-10115.patch";
sha256 = "1cr7q8gnrk9yp6dcvxaqi1yhdbgp964nkv65ls41mw1kdfm44zn6";
})
];
# Default makefile is full of impurities on Darwin. The patch doesn't hurt Linux so I'm leaving it unconditional