diff options
author | Vladimír Čunát <vcunat@gmail.com> | 2015-02-26 21:24:45 +0100 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2015-02-26 21:25:20 +0100 |
commit | f3bf4505a91bb16b9387baeb5d2f16444a354aec (patch) | |
tree | 8c35a039c39e25b4d069ea1f1ee44fca18c6ca8f /pkgs/tools/archivers/cpio/default.nix | |
parent | 355424724eca90c6496bd94814e2712711478ec4 (diff) |
cpio: fix CVE-2015-1197 by Suse patch
Diffstat (limited to 'pkgs/tools/archivers/cpio/default.nix')
-rw-r--r-- | pkgs/tools/archivers/cpio/default.nix | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/pkgs/tools/archivers/cpio/default.nix b/pkgs/tools/archivers/cpio/default.nix index 0bfa81cb9478c..6a61ded4b1980 100644 --- a/pkgs/tools/archivers/cpio/default.nix +++ b/pkgs/tools/archivers/cpio/default.nix @@ -18,6 +18,15 @@ stdenv.mkDerivation { }) ] ++ stdenv.lib.optional stdenv.isDarwin ./darwin-fix.patch; + postPatch = let pp = + fetchpatch { + name = "CVE-2015-1197.diff"; + url = "https://marc.info/?l=oss-security&m=142289947619786&w=2"; + sha256 = "0fr95bj416zfljv40fl1sh50059d18wdmfgaq8ad2fqi5cnbk859"; + }; + # one "<" and one "&" sign get mangled in the patch + in "cat ${pp} | sed 's/</</;s/&/\\&/' | patch -p1"; + meta = { homepage = http://www.gnu.org/software/cpio/; description = "A program to create or extract from cpio archives"; |