diff options
author | Silvan Mosberger <contact@infinisil.com> | 2019-11-08 23:59:51 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-11-08 23:59:51 +0100 |
commit | 675884ffb1d9caafcc8ef88523d9e4d5e5c654d7 (patch) | |
tree | 197d6a30f4c99a4b03e83c4e5a87a2c2ce5e54f7 | |
parent | 78e1f59812b144fa1a28d4d3b70ff7667519f3ae (diff) | |
parent | b795babe296aa7dbaf65828c47546cd0aad2842b (diff) |
Merge pull request #73078 from risicle/ris-varnish-CVE-2019-15892-r19.03
[r19.03] varnish6: add patch for CVE-2019-15892
-rw-r--r-- | pkgs/servers/varnish/default.nix | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/pkgs/servers/varnish/default.nix b/pkgs/servers/varnish/default.nix index e447035e32aa4..50b2b76fd13ec 100644 --- a/pkgs/servers/varnish/default.nix +++ b/pkgs/servers/varnish/default.nix @@ -1,9 +1,10 @@ -{ stdenv, fetchurl, pcre, libxslt, groff, ncurses, pkgconfig, readline, libedit +{ stdenv, fetchurl, fetchpatch, pcre, libxslt, groff, ncurses, pkgconfig, readline, libedit , python2, makeWrapper }: let - common = { version, sha256, extraBuildInputs ? [] }: + common = { version, sha256, extraBuildInputs ? [], patches ? null }: stdenv.mkDerivation rec { + inherit patches; name = "varnish-${version}"; src = fetchurl { @@ -50,5 +51,11 @@ in version = "6.1.1"; sha256 = "0gf9hzzrr1lndbbqi8cwlfasi7l517cy3nbgna88i78lm247rvp0"; extraBuildInputs = [ python2.pkgs.sphinx ]; + patches = [ + (fetchpatch { + url = "https://sources.debian.org/data/main/v/varnish/6.1.1-1+deb10u1/debian/patches/CVE-2019-15892.patch"; + sha256 = "03jlflgry4j9f34kxni64j6583jqr828zgy68ywdmglpxkgpyma7"; + }) + ]; }; } |