diff options
author | Leona Maroni <dev@leona.is> | 2024-05-03 16:09:45 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-05-03 16:09:45 +0200 |
commit | 6205fb4c566aaa90d29bddb2af39e99e4b606ef3 (patch) | |
tree | fbe0f3ea6a026883053abc6e59a1601bed2ea915 | |
parent | 5771c2f0e8998292d31e54430740d96c79fae164 (diff) | |
parent | b1da7c4c044cb12fe99f7b16f65ae229d9e77b0b (diff) |
Merge pull request #308218 from LeSuisse/iwd-CVE-2023-52161-23.11
[23.11] iwd: apply patches for CVE-2023-52161 and buffer overflows
-rw-r--r-- | pkgs/os-specific/linux/iwd/default.nix | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/pkgs/os-specific/linux/iwd/default.nix b/pkgs/os-specific/linux/iwd/default.nix index 1b983bb90e1e..9394105efe65 100644 --- a/pkgs/os-specific/linux/iwd/default.nix +++ b/pkgs/os-specific/linux/iwd/default.nix @@ -1,5 +1,6 @@ { lib, stdenv , fetchgit +, fetchpatch , autoreconfHook , pkg-config , ell @@ -20,6 +21,24 @@ stdenv.mkDerivation rec { sha256 = "sha256-i+2R8smgLXooApj0Z5e03FybhYgw1X/kIsJkrDzW8y4="; }; + patches = [ + (fetchpatch { + name = "CVE-2023-52161.patch"; + url = "https://git.kernel.org/pub/scm/network/wireless/iwd.git/patch/?id=6415420f1c92012f64063c131480ffcef58e60ca"; + hash = "sha256-bN5mxdWDyKEC2IyyG2vlzTEAL57C4uC7GAJA3jSXJHg="; + }) + (fetchpatch { + name = "netdev-buffer-overflow-32-byte-ssid.patch"; + url = "https://git.kernel.org/pub/scm/network/wireless/iwd.git/patch/?id=8d68b33e763aced6d419df9f6534760d2c890279"; + hash = "sha256-BSduzwVUTEcqjVwD88qJYgItApcQZwU43u9gbNMDs8I="; + }) + (fetchpatch { + name = "erp-buffer-overflow-32-byte-ssid.patch"; + url = "https://git.kernel.org/pub/scm/network/wireless/iwd.git/patch/?id=bdaae53cf828a1f6ea7a7b57d7d6ebcc7b70ac43"; + hash = "sha256-K/Ib0azlZ0UlFqcqs+8dSfj0hh0j0dZYpfB9f6tEqc8="; + }) + ]; + outputs = [ "out" "man" "doc" ] ++ lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) "test"; |