From 84c1b2fbd82e478f79dbc31c2eee6c57cedea0da Mon Sep 17 00:00:00 2001
From: Andreas Rammhold <andreas@rammhold.de>
Date: Wed, 20 Mar 2019 14:04:12 +0100
Subject: ldb: apply patch for CVE-2019-3824

---
 pkgs/development/libraries/ldb/default.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'pkgs/development/libraries/ldb')

diff --git a/pkgs/development/libraries/ldb/default.nix b/pkgs/development/libraries/ldb/default.nix
index 5566b1f4f0e27..12f7b176bb7b4 100644
--- a/pkgs/development/libraries/ldb/default.nix
+++ b/pkgs/development/libraries/ldb/default.nix
@@ -19,6 +19,17 @@ stdenv.mkDerivation rec {
     cmocka
   ];
 
+  patches = [
+    # CVE-2019-3824
+    # downloading the patch from debian as they have ported the patch from samba to ldb but otherwise is identical to
+    # https://bugzilla.samba.org/attachment.cgi?id=14857
+    (fetchurl {
+      name = "CVE-2019-3824.patch";
+      url = "https://sources.debian.org/data/main/l/ldb/2:1.1.27-1+deb9u1/debian/patches/CVE-2019-3824-master-v4-5-02.patch";
+      sha256 = "1idnqckvjh18rh9sbq90rr4sxfviha9nd1ca9pd6lai0y6r6q4yd";
+    })
+  ];
+
   preConfigure = ''
     sed -i 's,#!/usr/bin/env python,#!${python}/bin/python,g' buildtools/bin/waf
   '';
-- 
cgit 1.4.1