diff options
| author | Piotr Bogdan <ppbogdan@gmail.com> | 2017-10-09 20:22:34 +0100 |
|---|---|---|
| committer | Piotr Bogdan <ppbogdan@gmail.com> | 2017-10-23 20:28:03 +0100 |
| commit | 4b756e48738dc0775dacb6b97280a17799d66147 (patch) | |
| tree | 66cebaf7ff3590a2af0f538594fe1de3e50331d7 /pkgs/misc/drivers | |
| parent | 740c4fe4afc5917fb9f170dc0815c7b3b1e25223 (diff) | |
| download | nixlib-4b756e48738dc0775dacb6b97280a17799d66147.tar nixlib-4b756e48738dc0775dacb6b97280a17799d66147.tar.gz nixlib-4b756e48738dc0775dacb6b97280a17799d66147.tar.bz2 nixlib-4b756e48738dc0775dacb6b97280a17799d66147.tar.lz nixlib-4b756e48738dc0775dacb6b97280a17799d66147.tar.xz nixlib-4b756e48738dc0775dacb6b97280a17799d66147.tar.zst nixlib-4b756e48738dc0775dacb6b97280a17799d66147.zip | |
foomatic-filters: fix CVE-2015-8327 & CVE-2015-8560
Diffstat (limited to 'pkgs/misc/drivers')
| -rw-r--r-- | pkgs/misc/drivers/foomatic-filters/default.nix | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/pkgs/misc/drivers/foomatic-filters/default.nix b/pkgs/misc/drivers/foomatic-filters/default.nix index 799b14dec1d0..d6ac4fd6a03c 100644 --- a/pkgs/misc/drivers/foomatic-filters/default.nix +++ b/pkgs/misc/drivers/foomatic-filters/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, pkgconfig, perl, cups, dbus, enscript }: +{ stdenv, fetchpatch, fetchurl, pkgconfig, perl, cups, dbus, enscript }: stdenv.mkDerivation rec { name = "foomatic-filters-4.0.17"; @@ -11,6 +11,14 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkgconfig ]; buildInputs = [ perl cups dbus enscript ]; + patches = [ + # for CVE-2015-8327 & CVE-2015-8560 + (fetchpatch { + url = "https://anonscm.debian.org/cgit/collab-maint/foomatic-filters.git/plain/debian/patches/0500-r7406_also_consider_the_back_tick_as_an_illegal_shell_escape_character.patch"; + sha256 = "055nwi3sjf578nk40bqsch3wx8m2h65hdih0wmxflb6l0hwkq4p4"; + }) + ]; + preConfigure = '' substituteInPlace foomaticrip.c --replace /bin/bash /bin/sh |