diff options
Diffstat (limited to 'pkgs/servers')
-rw-r--r-- | pkgs/servers/http/apache-httpd/2.4.nix | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/pkgs/servers/http/apache-httpd/2.4.nix b/pkgs/servers/http/apache-httpd/2.4.nix index 3393d0cf58b6..ecf9ee9d84a4 100644 --- a/pkgs/servers/http/apache-httpd/2.4.nix +++ b/pkgs/servers/http/apache-httpd/2.4.nix @@ -5,6 +5,7 @@ , ldapSupport ? true, openldap , libxml2Support ? true, libxml2 , luaSupport ? false, lua5 +, fetchpatch }: let optional = stdenv.lib.optional; @@ -35,10 +36,19 @@ stdenv.mkDerivation rec { optional http2Support nghttp2 ++ optional stdenv.isDarwin libiconv; - patchPhase = '' + prePatch = '' sed -i config.layout -e "s|installbuilddir:.*|installbuilddir: $dev/share/build|" ''; + patches = [ + (fetchpatch { + name = "CVE-2017-9798.patch"; + url = "https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch"; + sha256 = "00hbq5szgav91kwsc30jdjvgd3vbgm8n198yna8bcs33p434v25k"; + stripLen = 3; + }) + ]; + # Required for ‘pthread_cancel’. NIX_LDFLAGS = stdenv.lib.optionalString (!stdenv.isDarwin) "-lgcc_s"; |