busybox: fix CVE-2017-1587{34}

This commit is contained in:
Andreas Rammhold 2017-11-09 12:11:35 +01:00 committed by Vladimír Čunát
parent 73bec97674
commit 17fae2499a
No known key found for this signature in database
GPG Key ID: E747DF1F9575A3AA

View File

@ -1,4 +1,4 @@
{ stdenv, lib, buildPackages, fetchurl { stdenv, lib, buildPackages, fetchurl, fetchpatch
, enableStatic ? false , enableStatic ? false
, enableMinimal ? false , enableMinimal ? false
, useMusl ? false, musl , useMusl ? false, musl
@ -39,7 +39,19 @@ stdenv.mkDerivation rec {
hardeningDisable = [ "format" ] ++ lib.optionals enableStatic [ "fortify" ]; hardeningDisable = [ "format" ] ++ lib.optionals enableStatic [ "fortify" ];
patches = [ ./busybox-in-store.patch ]; patches = [
./busybox-in-store.patch
(fetchpatch {
name = "CVE-2017-15873.patch";
url = "https://git.busybox.net/busybox/patch/?id=0402cb32df015d9372578e3db27db47b33d5c7b0";
sha256 = "1s3xqifd0dww19mbnzrks0i1az0qwd884sxjzrx33d6a9jxv4dzn";
})
(fetchpatch {
name = "CVE-2017-15874.patch";
url = "https://git.busybox.net/busybox/patch/?id=9ac42c500586fa5f10a1f6d22c3f797df11b1f6b";
sha256 = "0169p4ylz9zd14ghhb39yfjvbdca2kb21pphylfh9ny7i484ahql";
})
];
configurePhase = '' configurePhase = ''
export KCONFIG_NOTIMESTAMP=1 export KCONFIG_NOTIMESTAMP=1