about summary refs log tree commit diff
path: root/pkgs/tools/networking
diff options
context:
space:
mode:
authorAndreas Rammhold <andreas@rammhold.de>2020-03-06 23:35:18 +0100
committerAndreas Rammhold <andreas@rammhold.de>2020-03-06 23:35:18 +0100
commit142c3153f743f9cb6069d2231a95af2c65aec9f7 (patch)
tree7d8832eeb3bcade4e4a92849ce443b129ceb4f62 /pkgs/tools/networking
parentcaffd5104883b6a433fc050c35d2076c4d1f4499 (diff)
downloadnixlib-142c3153f743f9cb6069d2231a95af2c65aec9f7.tar
nixlib-142c3153f743f9cb6069d2231a95af2c65aec9f7.tar.gz
nixlib-142c3153f743f9cb6069d2231a95af2c65aec9f7.tar.bz2
nixlib-142c3153f743f9cb6069d2231a95af2c65aec9f7.tar.lz
nixlib-142c3153f743f9cb6069d2231a95af2c65aec9f7.tar.xz
nixlib-142c3153f743f9cb6069d2231a95af2c65aec9f7.tar.zst
nixlib-142c3153f743f9cb6069d2231a95af2c65aec9f7.zip
ppp: apply patch for CVE-2020-8597
This fixes a potential buffer overflow in the eap_{request,response}
functions.
Diffstat (limited to 'pkgs/tools/networking')
-rw-r--r--pkgs/tools/networking/ppp/default.nix5
1 files changed, 5 insertions, 0 deletions
diff --git a/pkgs/tools/networking/ppp/default.nix b/pkgs/tools/networking/ppp/default.nix
index 564ba88a97d4..1579823450b6 100644
--- a/pkgs/tools/networking/ppp/default.nix
+++ b/pkgs/tools/networking/ppp/default.nix
@@ -31,6 +31,11 @@ stdenv.mkDerivation rec {
         url = https://www.nikhef.nl/~janjust/ppp/ppp-2.4.7-eaptls-mppe-1.102.patch;
         sha256 = "04war8l5szql53l36043hvzgfwqp3v76kj8brbz7wlf7vs2mlkia";
       })
+      (fetchpatch {
+        name = "CVE-2020-8597.patch";
+        url = "https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426.patch";
+        sha256 = "129wnhwxmzvr3y9gzxv82jnb5y8m4yg8vkpa0xl2rwkl8anbzgkh";
+      })
       ./musl-fix-headers.patch
     ];
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-25 12:12:06 +0000