diff options
| author | Sandro <sandro.jaeckel@gmail.com> | 2022-10-27 01:14:38 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-10-27 01:14:38 +0200 |
| commit | 50d91e787113b51a09035328de235a3c4ea5258b (patch) | |
| tree | 1fdb03cfccd9bca948cecfeebc252ccad13da1d4 /pkgs/applications/networking | |
| parent | b05729432a727f8815bcba9f1676c974b1c7db7f (diff) | |
| parent | 91a37f5d6df6e1dbbda2dfe788a2d305bad11eb4 (diff) | |
Merge pull request #197782 from risicle/ris-pjsip-CVE-2022-39269-CVE-2022-39244
Diffstat (limited to 'pkgs/applications/networking')
| -rw-r--r-- | pkgs/applications/networking/instant-messengers/jami/default.nix | 6 | ||||
| -rw-r--r-- | pkgs/applications/networking/pjsip/default.nix | 10 |
2 files changed, 15 insertions, 1 deletions
diff --git a/pkgs/applications/networking/instant-messengers/jami/default.nix b/pkgs/applications/networking/instant-messengers/jami/default.nix index 690f6534e9389..5982b9b0dded0 100644 --- a/pkgs/applications/networking/instant-messengers/jami/default.nix +++ b/pkgs/applications/networking/instant-messengers/jami/default.nix @@ -71,10 +71,14 @@ rec { sha256 = "sha256-ENRfQh/HCXqInTV0tu8tGQO7+vTbST6XXpptERXMACE="; }; - patches = old.patches ++ (map (x: patch-src + x) (readLinesToList ./config/pjsip_patches)); + patches = (map (x: patch-src + x) (readLinesToList ./config/pjsip_patches)); configureFlags = (readLinesToList ./config/pjsip_args_common) ++ lib.optionals stdenv.isLinux (readLinesToList ./config/pjsip_args_linux); + + meta = { + knownVulnerabilities = [ "CVE-2022-39269" "CVE-2022-39244" ]; + } // old.meta; }); opendht-jami = opendht.override { diff --git a/pkgs/applications/networking/pjsip/default.nix b/pkgs/applications/networking/pjsip/default.nix index 612c6bd0bc3e6..f134474006ecb 100644 --- a/pkgs/applications/networking/pjsip/default.nix +++ b/pkgs/applications/networking/pjsip/default.nix @@ -13,6 +13,16 @@ stdenv.mkDerivation rec { patches = [ ./fix-aarch64.patch + (fetchpatch { + name = "CVE-2022-39269.patch"; + url = "https://github.com/pjsip/pjproject/commit/d2acb9af4e27b5ba75d658690406cec9c274c5cc.patch"; + sha256 = "sha256-bKE/MrRAqN1FqD2ubhxIOOf5MgvZluHHeVXPjbR12iQ="; + }) + (fetchpatch { + name = "CVE-2022-39244.patch"; + url = "https://github.com/pjsip/pjproject/commit/c4d34984ec92b3d5252a7d5cddd85a1d3a8001ae.patch"; + sha256 = "sha256-hTUMh6bYAizn6GF+sRV1vjKVxSf9pnI+eQdPOqsdJI4="; + }) ]; buildInputs = [ openssl libsamplerate ] |