diff options
author | Franz Pletz <fpletz@fnordicwalking.de> | 2016-09-25 17:22:01 +0200 |
---|---|---|
committer | Franz Pletz <fpletz@fnordicwalking.de> | 2016-09-25 17:38:31 +0200 |
commit | 668572753c598ed4bf617794093bfb91aa82427c (patch) | |
tree | c50e72e893e4a49b61bcf61505266f1b4bf376b8 /pkgs/tools/filesystems | |
parent | c049fd4a31abc80c69e58cc40393b94eecba061b (diff) | |
download | nixlib-668572753c598ed4bf617794093bfb91aa82427c.tar nixlib-668572753c598ed4bf617794093bfb91aa82427c.tar.gz nixlib-668572753c598ed4bf617794093bfb91aa82427c.tar.bz2 nixlib-668572753c598ed4bf617794093bfb91aa82427c.tar.lz nixlib-668572753c598ed4bf617794093bfb91aa82427c.tar.xz nixlib-668572753c598ed4bf617794093bfb91aa82427c.tar.zst nixlib-668572753c598ed4bf617794093bfb91aa82427c.zip |
fuseiso: fix CVE-2015-8836 & CVE-2015-8837
Diffstat (limited to 'pkgs/tools/filesystems')
-rw-r--r-- | pkgs/tools/filesystems/fuseiso/default.nix | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/pkgs/tools/filesystems/fuseiso/default.nix b/pkgs/tools/filesystems/fuseiso/default.nix index 7ea5d581a59b..7165789cf81c 100644 --- a/pkgs/tools/filesystems/fuseiso/default.nix +++ b/pkgs/tools/filesystems/fuseiso/default.nix @@ -1,15 +1,35 @@ -{ stdenv, fetchurl, pkgconfig, fuse, zlib, glib }: +{ stdenv, fetchurl, fetchpatch, pkgconfig, fuse, zlib, glib }: stdenv.mkDerivation rec { name = "fuseiso-20070708"; src = fetchurl { url = "mirror://sourceforge/project/fuseiso/fuseiso/20070708/fuseiso-20070708.tar.bz2"; - sha1 = "fe142556ad35dd7e5dc31a16183232a6e2da7692"; + sha256 = "127xql52dcdhmh7s5m9xc6q39jdlj3zhbjar1j821kb6gl3jw94b"; }; buildInputs = [ pkgconfig fuse zlib glib ]; + patches = let fetchPatchFromDebian = { patch, sha256 }: + fetchpatch { + inherit sha256; + url = "https://sources.debian.net/data/main/f/fuseiso/20070708-3.2/debian/patches/${patch}"; + }; + in [ + (fetchPatchFromDebian { + patch = "00-support_large_iso.patch"; + sha256 = "1lmclb1qwzz5f4wlq693g83bblwnjjl73qhgfxbsaac5hnn2shjw"; + }) + (fetchPatchFromDebian { # CVE-2015-8837 + patch = "02-prevent-buffer-overflow.patch"; + sha256 = "1ls2pp3mh91pdb51qz1fsd8pwhbky6988bpd156bn7wgfxqzh8ig"; + }) + (fetchPatchFromDebian { # CVE-2015-8836 + patch = "03-prevent-integer-overflow.patch"; + sha256 = "100cw07fk4sa3hl7a1gk2hgz4qsxdw99y20r7wpidwwwzy463zcv"; + }) + ]; + meta = { homepage = http://sourceforge.net/projects/fuseiso; description = "FUSE module to mount ISO filesystem images"; |