about summary refs log tree commit diff
path: root/nixpkgs/pkgs/development/libraries/libuv
diff options
context:
space:
mode:
authorAlyssa Ross <hi@alyssa.is>2021-07-23 09:26:00 +0000
committerAlyssa Ross <hi@alyssa.is>2021-07-23 09:26:00 +0000
commitab63e0bb8dcf2b1bf8d4a26ed360af777b8f241d (patch)
tree504b28a058661f6c1cbb7d3f580020e50367ca7f /nixpkgs/pkgs/development/libraries/libuv
parent55cc63c079f49e81d695a25bc2f5b3902f2bd290 (diff)
parentb09661d41fb93562fd53f31574dbf781b130ac44 (diff)
downloadnixlib-ab63e0bb8dcf2b1bf8d4a26ed360af777b8f241d.tar
nixlib-ab63e0bb8dcf2b1bf8d4a26ed360af777b8f241d.tar.gz
nixlib-ab63e0bb8dcf2b1bf8d4a26ed360af777b8f241d.tar.bz2
nixlib-ab63e0bb8dcf2b1bf8d4a26ed360af777b8f241d.tar.lz
nixlib-ab63e0bb8dcf2b1bf8d4a26ed360af777b8f241d.tar.xz
nixlib-ab63e0bb8dcf2b1bf8d4a26ed360af777b8f241d.tar.zst
nixlib-ab63e0bb8dcf2b1bf8d4a26ed360af777b8f241d.zip
Merge commit 'b09661d41fb93562fd53f31574dbf781b130ac44'
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/libuv')
-rw-r--r--nixpkgs/pkgs/development/libraries/libuv/default.nix11


1 files changed, 10 insertions, 1 deletions
diff --git a/nixpkgs/pkgs/development/libraries/libuv/default.nix b/nixpkgs/pkgs/development/libraries/libuv/default.nix
index 6b1a0120e49e..b630fca16701 100644
--- a/nixpkgs/pkgs/development/libraries/libuv/default.nix
+++ b/nixpkgs/pkgs/development/libraries/libuv/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, lib, fetchFromGitHub, autoconf, automake, libtool, pkg-config, ApplicationServices, CoreServices }:
+{ stdenv, lib, fetchFromGitHub, fetchpatch, autoconf, automake, libtool, pkg-config, ApplicationServices, CoreServices }:
 
 stdenv.mkDerivation rec {
   version = "1.41.0";
@@ -11,6 +11,15 @@ stdenv.mkDerivation rec {
     sha256 = "sha256-i6AYD1Ony0L2+3yWK6bxOfwoZEvd9qCg33QSqA7bRXI=";
   };
 
+  patches = [
+    (fetchpatch {
+      # Fixes out-of-bounds read in uv__idna_toascii() function
+      name = "CVE-2021-22918.patch";
+      url = "https://github.com/libuv/libuv/commit/b7466e31e4bee160d82a68fca11b1f61d46debae.patch";
+      sha256 = "0fbjy0jh7r9nrd27ag1k6am6d8p5ih7p0ywvjn53nq4cyqdqxhi7";
+    })
+  ];
+
   postPatch = let
     toDisable = [
       "getnameinfo_basic" "udp_send_hang_loop" # probably network-dependent

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-16 13:50:56 +0000