diff options
author | Vladimír Čunát <v@cunat.cz> | 2022-12-17 09:42:25 +0100 |
---|---|---|
committer | Vladimír Čunát <v@cunat.cz> | 2022-12-17 10:11:17 +0100 |
commit | 39812f47c445999cf84493856d17fb33b0be016f (patch) | |
tree | 9de3dbbc410841a13fd5c69ae4af5dca96538b61 /pkgs | |
parent | 0ba3487fc6deac3cc9422f5424a37dd8b5e9f6e2 (diff) | |
parent | a6edc3de150aa9aa1a215ab13b8789664399971b (diff) |
Merge #206420: xorg.xorgserver: apply CVE patches
Diffstat (limited to 'pkgs')
-rw-r--r-- | pkgs/servers/x11/xorg/overrides.nix | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/pkgs/servers/x11/xorg/overrides.nix b/pkgs/servers/x11/xorg/overrides.nix index 529d9f2b90646..ddd5acad7a1a8 100644 --- a/pkgs/servers/x11/xorg/overrides.nix +++ b/pkgs/servers/x11/xorg/overrides.nix @@ -814,6 +814,43 @@ self: super: url = "https://gitlab.freedesktop.org/xorg/xserver/-/commit/dd8caf39e9e15d8f302e54045dd08d8ebf1025dc.diff"; sha256 = "rBiiXQRreMvexW9vOKblcfCYzul+9La01EAhir4FND8="; }) + ] + # TODO: remove with xorgserver >= 21.1.5; https://www.mail-archive.com/xorg-announce@lists.x.org/msg01511.html + ++ [ + (fetchpatch { + name = "CVE-2022-46340.diff"; + url = "https://gitlab.freedesktop.org/xorg/xserver/-/commit/b320ca0ffe4c0c872eeb3a93d9bde21f765c7c63.diff"; + sha256 = "sha256-XPjLwZcJPLVv1ufgqnUxl73HKcJWWTDy2J/oxFiFnAU="; + }) + (fetchpatch { + name = "CVE-2022-46341.diff"; + url = "https://gitlab.freedesktop.org/xorg/xserver/-/commit/51eb63b0ee1509c6c6b8922b0e4aa037faa6f78b.diff"; + sha256 = "sha256-w+tzzoI1TfjjiFw5GNxVBgPc7M2lRY60zl+ySsyV59o="; + }) + (fetchpatch { + name = "CVE-2022-46342.diff"; + url = "https://gitlab.freedesktop.org/xorg/xserver/-/commit/b79f32b57cc0c1186b2899bce7cf89f7b325161b.diff"; + sha256 = "sha256-NytCsqRlqhs8xpOL8PGgluU0nKd7VIY26BXgpzN6WqE="; + }) + (fetchpatch { + name = "CVE-2022-46343.diff"; + url = "https://gitlab.freedesktop.org/xorg/xserver/-/commit/842ca3ccef100ce010d1d8f5f6d6cc1915055900.diff"; + sha256 = "sha256-oUwKwfN6lAvZ60dylm53+/yDeFnYTVdCINpBAfM6LoY="; + }) + (fetchpatch { + url = "https://gitlab.freedesktop.org/xorg/xserver/-/commit/b8a84cb0f2807b07ab70ca9915fcdee21301b8ca.diff"; + sha256 = "sha256-Y2x9/P0SgwUAJRjIXivA32NnMso7gQAid+VjcwNUsa8="; + }) + (fetchpatch { + name = "CVE-2022-46344.diff"; + url = "https://gitlab.freedesktop.org/xorg/xserver/-/commit/8f454b793e1f13c99872c15f0eed1d7f3b823fe8.diff"; + sha256 = "sha256-Cr760UPwmm8Qr0o/R8/IlgggXQ6ENTHRz3bP/nsIwbU="; + }) + (fetchpatch { + name = "CVE-2022-4283.diff"; + url = "https://gitlab.freedesktop.org/xorg/xserver/-/commit/ccdd431cd8f1cabae9d744f0514b6533c438908c.diff"; + sha256 = "sha256-IGPsjS7KgRPLrs1ImBXvIFCa8Iu5ZiAHRZvHlBYP8KQ="; + }) ]; buildInputs = commonBuildInputs ++ [ libdrm mesa ]; propagatedBuildInputs = attrs.propagatedBuildInputs or [] ++ [ libpciaccess libepoxy ] ++ commonPropagatedBuildInputs ++ lib.optionals stdenv.isLinux [ |