diff options
author | Vladimír Čunát <vcunat@gmail.com> | 2014-09-09 21:42:09 +0200 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2014-09-09 21:46:44 +0200 |
commit | 15cb79e48ed6056af542ced6cc41e6b32664c05b (patch) | |
tree | 09593438b99c6d3a2e79ea8c487ad2a940056c6e /pkgs/development/interpreters/lua-5 | |
parent | 2c25f3854f321c705fe7a0c6b614a8f4f7b987f0 (diff) |
lua-5.1: fix CVE-2014-5461 by upstream+Debian patch
Diffstat (limited to 'pkgs/development/interpreters/lua-5')
-rw-r--r-- | pkgs/development/interpreters/lua-5/5.1.nix | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/pkgs/development/interpreters/lua-5/5.1.nix b/pkgs/development/interpreters/lua-5/5.1.nix index 1b05cb8f77800..444ecbc787af6 100644 --- a/pkgs/development/interpreters/lua-5/5.1.nix +++ b/pkgs/development/interpreters/lua-5/5.1.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, readline }: +{ stdenv, fetchurl, fetchpatch, readline }: let dsoPatch = fetchurl { @@ -18,7 +18,13 @@ stdenv.mkDerivation rec { buildInputs = [ readline ]; - patches = if stdenv.isDarwin then [ ./5.1.darwin.patch ] else [ dsoPatch ]; + patches = (if stdenv.isDarwin then [ ./5.1.darwin.patch ] else [ dsoPatch ]) + ++ [(fetchpatch { + name = "CVE-2014-5461.patch"; + url = "http://anonscm.debian.org/cgit/pkg-lua/lua5.1.git/plain/debian/patches/" + + "0004-Fix-stack-overflow-in-vararg-functions.patch?id=b75a2014db2ad65683521f7bb295bfa37b48b389"; + sha256 = "05i5vh53d9i6dy11ibg9i9qpwz5hdm0s8bkx1d9cfcvy80cm4c7f"; + })]; configurePhase = if stdenv.isDarwin |