diff options
author | Franz Pletz <fpletz@fnordicwalking.de> | 2019-01-10 18:03:40 +0100 |
---|---|---|
committer | Franz Pletz <fpletz@fnordicwalking.de> | 2019-01-10 20:54:12 +0100 |
commit | 74a64a8a616a613cf8918954091cbaa2bfdc75ed (patch) | |
tree | 1ec869976d387c28a03f094424b9fbc0a745af20 /pkgs/os-specific/linux/systemd | |
parent | 2712f12244b78e05eddd37770478a84e929ef19b (diff) |
systemd: 239 -> 239.20190110
Fixes CVE-2018-16864 & CVE-2018-16865 (journald stack clash). Fixes #53755. Also updates the debian patches to fix CVE-2018-15686. Fixes #52250.
Diffstat (limited to 'pkgs/os-specific/linux/systemd')
-rw-r--r-- | pkgs/os-specific/linux/systemd/default.nix | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 1d45109ac852d..d4623ccd633db 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -18,7 +18,7 @@ let pythonLxmlEnv = buildPackages.python3Packages.python.withPackages ( ps: with ps; [ python3Packages.lxml ]); in stdenv.mkDerivation rec { - version = "239"; + version = "239.20190110"; name = "systemd-${version}"; # When updating, use https://github.com/systemd/systemd-stable tree, not the development one! @@ -26,8 +26,8 @@ in stdenv.mkDerivation rec { src = fetchFromGitHub { owner = "NixOS"; repo = "systemd"; - rev = "31859ddd35fc3fa82a583744caa836d356c31d7f"; - sha256 = "1xci0491j95vdjgs397n618zii3sgwnvanirkblqqw6bcvcjvir1"; + rev = "nixos-v${version}"; + sha256 = "1m9mhv7b4kfa43z79106gpgxx51zlhvvfjrlmimdsvsiw72nzldj"; }; prePatch = let @@ -37,8 +37,8 @@ in stdenv.mkDerivation rec { # When the URL disappears, it typically means that Debian has new patches # (probably security) and updating to new tarball will apply them as well. name = "systemd-debian-patches.tar.xz"; - url = mirror://debian/pool/main/s/systemd/systemd_239-11~bpo9+1.debian.tar.xz; - sha256 = "136f6p4jbi4z94mf4g099dfcacwka8jwhza0wxxw2q5l5q3xiysh"; + url = mirror://debian/pool/main/s/systemd/systemd_239-12~bpo9+1.debian.tar.xz; + sha256 = "0v9f62gyfiw5icdrdlcvjcipsqrsm49w6n8bqp9nb8s2ih6rsfhg"; }; # Note that we skip debian-specific patches, i.e. ./debian/patches/debian/* in '' |