libnbd: 1.18.0 -> 1.18.1 and apply patch for CVE-2023-5871

Fixes CVE-2023-5215 and CVE-2023-5871.

Changes:
https://gitlab.com/nbdkit/libnbd/-/commits/v1.18.1?ref_type=tags
This commit is contained in:
Thomas Gerbet 2023-12-02 12:59:48 +01:00
parent bea9ec6d4a
commit 124e85cac8

View File

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchurl
, fetchpatch
, bash-completion
, pkg-config
, perl
@ -12,13 +13,21 @@
stdenv.mkDerivation rec {
pname = "libnbd";
version = "1.18.0";
version = "1.18.1";
src = fetchurl {
url = "https://download.libguestfs.org/libnbd/${lib.versions.majorMinor version}-stable/${pname}-${version}.tar.gz";
hash = "sha256-srJyd32eCIthoncvM9JQEKCWEOZxxc3YntaV4Ay8kZ8=";
hash = "sha256-UNHRphDw1ycRnp0KClzHlSuLIxs5Mc4gcjB+EF/smbY=";
};
patches = [
(fetchpatch {
name = "CVE-2023-5871.patch";
url = "https://gitlab.com/nbdkit/libnbd/-/commit/4451e5b61ca07771ceef3e012223779e7a0c7701.patch";
hash = "sha256-zmg/kxSJtjp2w9917Sp33ezt7Ccj/inngzCUVesF1Tc=";
})
];
nativeBuildInputs = [
bash-completion
pkg-config