diff options
author | Robert Scott <code@humanleg.org.uk> | 2022-08-27 14:30:33 +0100 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2022-08-28 19:20:43 +0000 |
commit | 02ca06405e814d6967cf741a9588a4f80ae4db8d (patch) | |
tree | 9a0ce2860c904837de95749e1046658a18a06817 /pkgs/applications/virtualization | |
parent | abbb1e1a4143296c48825414d9f97d041096fa1d (diff) |
qemu: add patches for CVE-2022-0216
Diffstat (limited to 'pkgs/applications/virtualization')
-rw-r--r-- | pkgs/applications/virtualization/qemu/default.nix | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/pkgs/applications/virtualization/qemu/default.nix b/pkgs/applications/virtualization/qemu/default.nix index bb20f2a73840f..e83005517c4f2 100644 --- a/pkgs/applications/virtualization/qemu/default.nix +++ b/pkgs/applications/virtualization/qemu/default.nix @@ -126,6 +126,22 @@ stdenv.mkDerivation rec { url = "https://gitlab.com/qemu-project/qemu/-/commit/418ade7849ce7641c0f7333718caf5091a02fd4c.patch"; sha256 = "sha256-zQHDXedIXZBnabv4+3TA4z5mY1+KZiPmqUbhaSkGLgA="; }) + # needed for CVE-2022-0216's test to pass + (fetchpatch { + name = "fuzz-tests-x86-only.patch"; + url = "https://gitlab.com/qemu-project/qemu/-/commit/b911c30c566dee48a27bc1bfa1ee6df3a729cbbb.patch"; + sha256 = "sha256-RXKRmZo25yZ1VuBtBA+BsY8as9kIcACqE6aEYmIm9KQ="; + }) + (fetchpatch { + name = "CVE-2022-0216.part-1.patch"; + url = "https://gitlab.com/qemu-project/qemu/-/commit/6c8fa961da5e60f574bb52fd3ad44b1e9e8ad4b8.patch"; + sha256 = "sha256-0z0zVPBVXFSU8qEV0Ea2+rDxyikMyitlDM0jZOLLC6s="; + }) + (fetchpatch { + name = "CVE-2022-0216.part-2.patch"; + url = "https://gitlab.com/qemu-project/qemu/-/commit/4367a20cc442c56b05611b4224de9a61908f9eac.patch"; + sha256 = "sha256-hpNu4Zjw1dIbT6Vt57cayHE1Elaltp0a/bsKlDY0Qr8="; + }) ] ++ lib.optional nixosTestRunner ./force-uid0-on-9p.patch; |