diff options
Diffstat (limited to 'nixpkgs/pkgs/tools/archivers/unzip/default.nix')
-rw-r--r-- | nixpkgs/pkgs/tools/archivers/unzip/default.nix | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/tools/archivers/unzip/default.nix b/nixpkgs/pkgs/tools/archivers/unzip/default.nix new file mode 100644 index 000000000000..584f981aff70 --- /dev/null +++ b/nixpkgs/pkgs/tools/archivers/unzip/default.nix @@ -0,0 +1,81 @@ +{ lib, stdenv, fetchurl +, bzip2 +, enableNLS ? false, libnatspec +}: + +stdenv.mkDerivation rec { + pname = "unzip"; + version = "6.0"; + + src = fetchurl { + url = "mirror://sourceforge/infozip/unzip${lib.replaceStrings ["."] [""] version}.tar.gz"; + sha256 = "0dxx11knh3nk95p2gg2ak777dd11pr7jx5das2g49l262scrcv83"; + }; + + hardeningDisable = [ "format" ]; + + patchFlags = [ "-p1" "-F3" ]; + + patches = [ + ./CVE-2014-8139.diff + ./CVE-2014-8140.diff + ./CVE-2014-8141.diff + ./CVE-2014-9636.diff + ./CVE-2015-7696.diff + ./CVE-2015-7697.diff + ./CVE-2014-9913.patch + ./CVE-2016-9844.patch + ./CVE-2018-18384.patch + ./dont-hardcode-cc.patch + (fetchurl { + url = "https://github.com/madler/unzip/commit/41beb477c5744bc396fa1162ee0c14218ec12213.patch"; + name = "CVE-2019-13232-1.patch"; + sha256 = "04jzd6chg9fw4l5zadkfsrfm5llrd7vhd1dgdjjd29nrvkrjyn14"; + }) + (fetchurl { + url = "https://github.com/madler/unzip/commit/47b3ceae397d21bf822bc2ac73052a4b1daf8e1c.patch"; + name = "CVE-2019-13232-2.patch"; + sha256 = "0iy2wcjyvzwrjk02iszwcpg85fkjxs1bvb9isvdiywszav4yjs32"; + }) + (fetchurl { + url = "https://github.com/madler/unzip/commit/6d351831be705cc26d897db44f878a978f4138fc.patch"; + name = "CVE-2019-13232-3.patch"; + sha256 = "1jvs7dkdqs97qnsqc6hk088alhv8j4c638k65dbib9chh40jd7pf"; + }) + ] ++ lib.optional enableNLS + (fetchurl { + url = "http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/app-arch/unzip/files/unzip-6.0-natspec.patch?revision=1.1"; + name = "unzip-6.0-natspec.patch"; + sha256 = "67ab260ae6adf8e7c5eda2d1d7846929b43562943ec4aff629bd7018954058b1"; + }); + + nativeBuildInputs = [ bzip2 ]; + buildInputs = [ bzip2 ] ++ lib.optional enableNLS libnatspec; + + makefile = "unix/Makefile"; + + NIX_LDFLAGS = "-lbz2" + lib.optionalString enableNLS " -lnatspec"; + + buildFlags = [ + "generic" + "D_USE_BZ2=-DUSE_BZIP2" + "L_BZ2=-lbz2" + ]; + + preConfigure = '' + sed -i -e 's@CF="-O3 -Wall -I. -DASM_CRC $(LOC)"@CF="-O3 -Wall -I. -DASM_CRC -DLARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 $(LOC)"@' unix/Makefile + ''; + + installFlags = [ + "prefix=${placeholder "out"}" + ]; + + setupHook = ./setup-hook.sh; + + meta = { + homepage = "http://www.info-zip.org"; + description = "An extraction utility for archives compressed in .zip format"; + license = lib.licenses.free; # http://www.info-zip.org/license.html + platforms = lib.platforms.all; + }; +} |