about summary refs log tree commit diff
path: root/pkgs/tools
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/tools')
-rw-r--r--pkgs/tools/networking/curl/cve-2019-5481.diff26
-rw-r--r--pkgs/tools/networking/curl/default.nix2
-rw-r--r--pkgs/tools/text/gnupatch/CVE-2019-13638-and-CVE-2018-20969.patch (renamed from pkgs/tools/text/gnupatch/CVE-2019-13638.patch)0
-rw-r--r--pkgs/tools/text/gnupatch/default.nix6
4 files changed, 31 insertions, 3 deletions
diff --git a/pkgs/tools/networking/curl/cve-2019-5481.diff b/pkgs/tools/networking/curl/cve-2019-5481.diff
new file mode 100644
index 0000000000000..14167b566d8c1
--- /dev/null
+++ b/pkgs/tools/networking/curl/cve-2019-5481.diff
@@ -0,0 +1,26 @@
+https://github.com/curl/curl/commit/9069838b3
+--- a/lib/security.c
++++ b/lib/security.c
+@@ -191,7 +191,6 @@ static CURLcode read_data(struct connectdata *conn,
+                           struct krb5buffer *buf)
+ {
+   int len;
+-  void *tmp = NULL;
+   CURLcode result;
+ 
+   result = socket_read(fd, &len, sizeof(len));
+@@ -201,12 +200,11 @@ static CURLcode read_data(struct connectdata *conn,
+   if(len) {
+     /* only realloc if there was a length */
+     len = ntohl(len);
+-    tmp = Curl_saferealloc(buf->data, len);
++    buf->data = Curl_saferealloc(buf->data, len);
+   }
+-  if(tmp == NULL)
++  if(!len || !buf->data)
+     return CURLE_OUT_OF_MEMORY;
+ 
+-  buf->data = tmp;
+   result = socket_read(fd, buf->data, len);
+   if(result)
+     return result;
diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix
index 630efbea358f7..ceb46eddd33d9 100644
--- a/pkgs/tools/networking/curl/default.nix
+++ b/pkgs/tools/networking/curl/default.nix
@@ -40,6 +40,8 @@ stdenv.mkDerivation rec {
       name = "CVE-2019-5435.patch";
       sha256 = "00w12yhq8q260n91i1xrynz3vn4w3lypgl19cm893s35pbvg7y17";
     })
+    # fetchpatch is way to hard due to bootstapping, and fetchurl from github isn't stable
+    ./cve-2019-5481.diff
   ];
 
   outputs = [ "bin" "dev" "out" "man" "devdoc" ];
diff --git a/pkgs/tools/text/gnupatch/CVE-2019-13638.patch b/pkgs/tools/text/gnupatch/CVE-2019-13638-and-CVE-2018-20969.patch
index 38caff628aafa..38caff628aafa 100644
--- a/pkgs/tools/text/gnupatch/CVE-2019-13638.patch
+++ b/pkgs/tools/text/gnupatch/CVE-2019-13638-and-CVE-2018-20969.patch
diff --git a/pkgs/tools/text/gnupatch/default.nix b/pkgs/tools/text/gnupatch/default.nix
index a046c59111570..b85d16ea4e92a 100644
--- a/pkgs/tools/text/gnupatch/default.nix
+++ b/pkgs/tools/text/gnupatch/default.nix
@@ -18,9 +18,9 @@ stdenv.mkDerivation rec {
       name = "Allow_input_files_to_be_missing_for_ed-style_patches.patch";
       sha256 = "0iw0lk0yhnhvfjzal48ij6zdr92mgb84jq7fwryy1hdhi47hhq64";
     })
-    (fetchurl { # CVE-2018-1000156
+    (fetchurl {
       url = https://git.savannah.gnu.org/cgit/patch.git/patch/?id=123eaff0d5d1aebe128295959435b9ca5909c26d;
-      name = "Fix_arbitrary_command_execution_in_ed-style_patches.patch";
+      name = "CVE-2018-1000156.patch";
       sha256 = "1bpy16n3hm5nv9xkrn6c4wglzsdzj3ss1biq16w9kfv48p4hx2vg";
     })
     # https://git.savannah.gnu.org/cgit/patch.git/commit/?id=9c986353e420ead6e706262bf204d6e03322c300
@@ -30,7 +30,7 @@ stdenv.mkDerivation rec {
     ./CVE-2019-13636.patch
 
     # https://git.savannah.gnu.org/cgit/patch.git/patch/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0
-    ./CVE-2019-13638.patch
+    ./CVE-2019-13638-and-CVE-2018-20969.patch
   ];
 
   nativeBuildInputs = [ autoreconfHook ];
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-24 19:13:05 +0000