diff options
author | Thomas Gerbet <thomas@gerbet.me> | 2024-02-10 22:34:31 +0100 |
---|---|---|
committer | Thomas Gerbet <thomas@gerbet.me> | 2024-02-11 15:27:32 +0100 |
commit | 100af695bf0ae85a2af3c394fe5230c0c1a293c9 (patch) | |
tree | 85ff8bb22565a080f121b75d7499ce4bd8e11347 | |
parent | ef43130a0dd4c762e829acda94c3099e04b9a289 (diff) |
opencryptoki: 3.20.0 -> 3.23.0
Fixes CVE-2024-0914. Changes: https://github.com/opencryptoki/opencryptoki/blob/v3.23.0/ChangeLog
-rw-r--r-- | pkgs/tools/security/opencryptoki/default.nix | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/pkgs/tools/security/opencryptoki/default.nix b/pkgs/tools/security/opencryptoki/default.nix index 056c379ac68f8..67acc540348b4 100644 --- a/pkgs/tools/security/opencryptoki/default.nix +++ b/pkgs/tools/security/opencryptoki/default.nix @@ -7,17 +7,18 @@ , openldap , openssl , trousers +, libcap }: stdenv.mkDerivation rec { pname = "opencryptoki"; - version = "3.20.0"; + version = "3.23.0"; src = fetchFromGitHub { owner = "opencryptoki"; repo = "opencryptoki"; rev = "v${version}"; - hash = "sha256-Z11CDw9ykmJ7MI7I0H4Y/i+8/I+hRgC2frklYPP1di0="; + hash = "sha256-5FcvwGTzsL0lYrSYGlbSY89s6OKzg+2TRlwHlJjdzXo="; }; nativeBuildInputs = [ @@ -30,14 +31,17 @@ stdenv.mkDerivation rec { openldap openssl trousers + libcap ]; postPatch = '' substituteInPlace configure.ac \ - --replace "usermod" "true" \ - --replace "groupadd" "true" \ - --replace "chmod" "true" \ - --replace "chgrp" "true" + --replace-fail "usermod" "true" \ + --replace-fail "useradd" "true" \ + --replace-fail "groupadd" "true" \ + --replace-fail "chmod" "true" \ + --replace-fail "chown" "true" \ + --replace-fail "chgrp" "true" ''; configureFlags = [ |