about summary refs log tree commit diff
path: root/pkgs/tools/archivers
diff options
context:
space:
mode:
authorVladimír Čunát <vcunat@gmail.com>2015-02-26 21:24:45 +0100
committerVladimír Čunát <vcunat@gmail.com>2015-02-26 21:25:20 +0100
commitf3bf4505a91bb16b9387baeb5d2f16444a354aec (patch)
tree8c35a039c39e25b4d069ea1f1ee44fca18c6ca8f /pkgs/tools/archivers
parent355424724eca90c6496bd94814e2712711478ec4 (diff)
downloadnixlib-f3bf4505a91bb16b9387baeb5d2f16444a354aec.tar
nixlib-f3bf4505a91bb16b9387baeb5d2f16444a354aec.tar.gz
nixlib-f3bf4505a91bb16b9387baeb5d2f16444a354aec.tar.bz2
nixlib-f3bf4505a91bb16b9387baeb5d2f16444a354aec.tar.lz
nixlib-f3bf4505a91bb16b9387baeb5d2f16444a354aec.tar.xz
nixlib-f3bf4505a91bb16b9387baeb5d2f16444a354aec.tar.zst
nixlib-f3bf4505a91bb16b9387baeb5d2f16444a354aec.zip
cpio: fix CVE-2015-1197 by Suse patch
Diffstat (limited to 'pkgs/tools/archivers')
-rw-r--r--pkgs/tools/archivers/cpio/default.nix9


1 files changed, 9 insertions, 0 deletions
diff --git a/pkgs/tools/archivers/cpio/default.nix b/pkgs/tools/archivers/cpio/default.nix
index 0bfa81cb9478..6a61ded4b198 100644
--- a/pkgs/tools/archivers/cpio/default.nix
+++ b/pkgs/tools/archivers/cpio/default.nix
@@ -18,6 +18,15 @@ stdenv.mkDerivation {
     })
   ] ++ stdenv.lib.optional stdenv.isDarwin ./darwin-fix.patch;
 
+  postPatch = let pp =
+    fetchpatch {
+      name = "CVE-2015-1197.diff";
+      url = "https://marc.info/?l=oss-security&m=142289947619786&w=2";
+      sha256 = "0fr95bj416zfljv40fl1sh50059d18wdmfgaq8ad2fqi5cnbk859";
+    };
+    # one "<" and one "&" sign get mangled in the patch
+    in "cat ${pp} | sed 's/&lt;/</;s/&amp;/\\&/' | patch -p1";
+
   meta = {
     homepage = http://www.gnu.org/software/cpio/;
     description = "A program to create or extract from cpio archives";

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-04 20:54:02 +0000