diff options
author | Thomas Gerbet <thomas@gerbet.me> | 2024-04-13 14:22:06 +0200 |
---|---|---|
committer | Thomas Gerbet <thomas@gerbet.me> | 2024-04-13 14:36:57 +0200 |
commit | 22bd2ab6247c42c3dbf9221d6f3a509c8291cd94 (patch) | |
tree | 4d5d119a7f324382722fe1fda6c199f2e1c3013c /pkgs/by-name | |
parent | 14b13525fc3cdf076743a89ad044ec46e73c8ed2 (diff) |
less: apply patch for security issue when opening files with \n in paths
https://www.openwall.com/lists/oss-security/2024/04/12/5
Diffstat (limited to 'pkgs/by-name')
-rw-r--r-- | pkgs/by-name/le/less/package.nix | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/pkgs/by-name/le/less/package.nix b/pkgs/by-name/le/less/package.nix index 1efce2bddefc6..f7791a2636eb7 100644 --- a/pkgs/by-name/le/less/package.nix +++ b/pkgs/by-name/le/less/package.nix @@ -1,6 +1,7 @@ { lib , stdenv , fetchurl +, fetchpatch , ncurses , pcre2 }: @@ -16,6 +17,15 @@ stdenv.mkDerivation (finalAttrs: { hash = "sha256-KRG1QyyDb6CEyKLmj2zWMSNywCalj6qpiGJzHItgUug="; }; + patches = [ + (fetchpatch { + # https://www.openwall.com/lists/oss-security/2024/04/12/5 + name = "sec-issue-newline-path.patch"; + url = "https://gitlab.archlinux.org/archlinux/packaging/packages/less/-/raw/1d570db0c84fe95799f460526492e45e24c30ad0/backport-007521ac3c95bc76.patch"; + hash = "sha256-BT8DLIu7oVhL5XL50uFVUp97qjklcvRHy85UQwVKAmc="; + }) + ]; + buildInputs = [ ncurses pcre2 |