about summary refs log tree commit diff
path: root/pkgs/tools
diff options
context:
space:
mode:
authorMarek Mahut <marek.mahut@satoshilabs.com>2019-07-16 16:01:25 +0200
committerFrederik Rietdijk <freddyrietdijk@fridh.nl>2019-07-17 10:15:08 +0200
commit0238946872c1c63709790f6285bf9cc5585a6704 (patch)
treef5214d7fe4c8dda2ededb8b0f4ab7df021036e14 /pkgs/tools
parent0d832585b7a24e6634958c72396c7dff41cdedb5 (diff)
downloadnixlib-0238946872c1c63709790f6285bf9cc5585a6704.tar
nixlib-0238946872c1c63709790f6285bf9cc5585a6704.tar.gz
nixlib-0238946872c1c63709790f6285bf9cc5585a6704.tar.bz2
nixlib-0238946872c1c63709790f6285bf9cc5585a6704.tar.lz
nixlib-0238946872c1c63709790f6285bf9cc5585a6704.tar.xz
nixlib-0238946872c1c63709790f6285bf9cc5585a6704.tar.zst
nixlib-0238946872c1c63709790f6285bf9cc5585a6704.zip
unzip: CVE-2019-13232
Diffstat (limited to 'pkgs/tools')
-rw-r--r--pkgs/tools/archivers/unzip/default.nix5


1 files changed, 5 insertions, 0 deletions
diff --git a/pkgs/tools/archivers/unzip/default.nix b/pkgs/tools/archivers/unzip/default.nix
index cdf189e82df5..749f481d8903 100644
--- a/pkgs/tools/archivers/unzip/default.nix
+++ b/pkgs/tools/archivers/unzip/default.nix
@@ -26,6 +26,11 @@ stdenv.mkDerivation {
     ./CVE-2016-9844.patch
     ./CVE-2018-18384.patch
     ./dont-hardcode-cc.patch
+    (fetchurl {
+      url = "https://github.com/madler/unzip/commit/47b3ceae397d21bf822bc2ac73052a4b1daf8e1c.patch";
+      name = "CVE-2019-13232.patch";
+      sha256 = "0iy2wcjyvzwrjk02iszwcpg85fkjxs1bvb9isvdiywszav4yjs32";
+    })
   ] ++ stdenv.lib.optional enableNLS
     (fetchurl {
       url = "http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/app-arch/unzip/files/unzip-6.0-natspec.patch?revision=1.1";

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-11 07:51:11 +0000