mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-25 08:23:09 +00:00
ipsecTools: add patch to fix CVE-2016-10396
This commit is contained in:
parent
903d9daf0f
commit
4afb3f4ade
@ -1,4 +1,4 @@
|
||||
{ stdenv, fetchurl, linuxHeaders, readline, openssl, flex, kerberos, pam }:
|
||||
{ stdenv, fetchurl, fetchpatch, linuxHeaders, readline, openssl, flex, kerberos, pam }:
|
||||
|
||||
# TODO: These tools are supposed to work under NetBSD and FreeBSD as
|
||||
# well, so I guess it's not appropriate to place this expression in
|
||||
@ -16,8 +16,14 @@ stdenv.mkDerivation rec {
|
||||
|
||||
buildInputs = [ readline openssl flex kerberos pam ];
|
||||
|
||||
patches = [ ./dont-create-localstatedir-during-install.patch
|
||||
./CVE-2015-4047.patch ];
|
||||
patches = [
|
||||
./dont-create-localstatedir-during-install.patch
|
||||
./CVE-2015-4047.patch
|
||||
(fetchpatch {
|
||||
url = "https://anonscm.debian.org/cgit/pkg-ipsec-tools/pkg-ipsec-tools.git/plain/debian/patches/CVE-2016-10396.patch?id=62ac12648a4eb7c5ba5dba0f81998d1acf310d8b";
|
||||
sha256 = "1kf7j2pf1blni52z7q41n0yisqb7gvk01lvldr319zaxxg7rm84a";
|
||||
})
|
||||
];
|
||||
|
||||
# fix build with newer gcc versions
|
||||
preConfigure = ''substituteInPlace configure --replace "-Werror" "" '';
|
||||
|
Loading…
Reference in New Issue
Block a user