diff options
author | Jörg Thalheim <joerg@thalheim.io> | 2017-08-25 22:00:29 +0100 |
---|---|---|
committer | Jörg Thalheim <joerg@thalheim.io> | 2017-08-25 22:02:25 +0100 |
commit | ad7439fbd1aa06fbf24229be5d3de62330e38d4b (patch) | |
tree | 9047e08e9003a404c4c0250b070f11459363d95d /pkgs/tools/networking/strongswan | |
parent | 7067c699fa80a67cdc852505eba7910edd10fd4b (diff) | |
download | nixlib-ad7439fbd1aa06fbf24229be5d3de62330e38d4b.tar nixlib-ad7439fbd1aa06fbf24229be5d3de62330e38d4b.tar.gz nixlib-ad7439fbd1aa06fbf24229be5d3de62330e38d4b.tar.bz2 nixlib-ad7439fbd1aa06fbf24229be5d3de62330e38d4b.tar.lz nixlib-ad7439fbd1aa06fbf24229be5d3de62330e38d4b.tar.xz nixlib-ad7439fbd1aa06fbf24229be5d3de62330e38d4b.tar.zst nixlib-ad7439fbd1aa06fbf24229be5d3de62330e38d4b.zip |
strongswan: add patch for CVE-2017-11185
Diffstat (limited to 'pkgs/tools/networking/strongswan')
-rw-r--r-- | pkgs/tools/networking/strongswan/default.nix | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/pkgs/tools/networking/strongswan/default.nix b/pkgs/tools/networking/strongswan/default.nix index 2c0352152d55..4d7bc7b3d0db 100644 --- a/pkgs/tools/networking/strongswan/default.nix +++ b/pkgs/tools/networking/strongswan/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, gmp, pkgconfig, python, autoreconfHook +{ stdenv, fetchurl, fetchpatch, gmp, pkgconfig, python, autoreconfHook , curl, trousers, sqlite, iptables, libxml2, openresolv , ldns, unbound, pcsclite, openssl, systemd, pam , enableTNC ? false }: @@ -21,6 +21,10 @@ stdenv.mkDerivation rec { ++ stdenv.lib.optionals stdenv.isLinux [ systemd.dev pam ]; patches = [ + (fetchpatch { + url = "https://download.strongswan.org/security/CVE-2017-11185/strongswan-4.4.0-5.5.3_gmp_mpz_export.patch"; + sha256 = "1vqf077dq71wai7ma3bpzv55i76b48gp2cf6507chgy4wj04gi73"; + }) ./ext_auth-path.patch ./firewall_defaults.patch ./updown-path.patch |