nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-03 12:23:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

db{48,53,60,62}: add patch to fix CVE-2017-10140

Browse Source
This commit is contained in:
Franz Pletz 2017-10-24 13:03:20 +02:00
parent 9bd9305602
commit 5072f4792e
No known key found for this signature in database
GPG Key ID: 846FDED7792617B4
6 changed files with 26 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
pkgs/development/libraries/db/CVE-2017-10140-4.8-cwd-db_config.patch Normal file
View File

@ -0,0 +1,11 @@
--- a/env/env_open.c.old 2017-06-26 10:32:11.011419981 +0200
+++ b/env/env_open.c 2017-06-26 10:32:46.893721233 +0200
@@ -473,7 +473,7 @@
env->db_mode = mode == 0 ? DB_MODE_660 : mode;
/* Read the DB_CONFIG file. */
- if ((ret = __env_read_db_config(env)) != 0)
+ if (env->db_home != NULL && (ret = __env_read_db_config(env)) != 0)
return (ret);
/*

11
pkgs/development/libraries/db/CVE-2017-10140-cwd-db_config.patch Normal file
View File

@ -0,0 +1,11 @@
--- db-5.3.28/src/env/env_open.c.old 2017-06-26 10:32:11.011419981 +0200
+++ db-5.3.28/src/env/env_open.c 2017-06-26 10:32:46.893721233 +0200
@@ -473,7 +473,7 @@
env->db_mode = mode == 0 ? DB_MODE_660 : mode;
/* Read the DB_CONFIG file. */
- if ((ret = __env_read_db_config(env)) != 0)
+ if (env->db_home != NULL && (ret = __env_read_db_config(env)) != 0)
return (ret);
/*

2
pkgs/development/libraries/db/db-4.8.nix
View File

@ -3,7 +3,7 @@
import ./generic.nix (args // rec { import ./generic.nix (args // rec {
version = "4.8.30"; version = "4.8.30";
sha256 = "0ampbl2f0hb1nix195kz1syrqqxpmvnvnfvphambj7xjrl3iljg0"; sha256 = "0ampbl2f0hb1nix195kz1syrqqxpmvnvnfvphambj7xjrl3iljg0";
extraPatches = [ ./clang-4.8.patch ]; extraPatches = [ ./clang-4.8.patch ./CVE-2017-10140-4.8-cwd-db_config.patch ];
drvArgs.hardeningDisable = [ "format" ]; drvArgs.hardeningDisable = [ "format" ];
drvArgs.doCheck = false; drvArgs.doCheck = false;

2
pkgs/development/libraries/db/db-5.3.nix
View File

@ -3,5 +3,5 @@
import ./generic.nix (args // rec { import ./generic.nix (args // rec {
version = "5.3.28"; version = "5.3.28";
sha256 = "0a1n5hbl7027fbz5lm0vp0zzfp1hmxnz14wx3zl9563h83br5ag0"; sha256 = "0a1n5hbl7027fbz5lm0vp0zzfp1hmxnz14wx3zl9563h83br5ag0";
extraPatches = [ ./clang-5.3.patch ]; extraPatches = [ ./clang-5.3.patch ./CVE-2017-10140-cwd-db_config.patch ];
}) })

2
pkgs/development/libraries/db/db-6.0.nix
View File

@ -4,5 +4,5 @@ import ./generic.nix (args // rec {
version = "6.0.20"; version = "6.0.20";
sha256 = "00r2aaglq625y8r9xd5vw2y070plp88f1mb2gbq3kqsl7128lsl0"; sha256 = "00r2aaglq625y8r9xd5vw2y070plp88f1mb2gbq3kqsl7128lsl0";
license = stdenv.lib.licenses.agpl3; license = stdenv.lib.licenses.agpl3;
extraPatches = [ ./clang-6.0.patch ]; extraPatches = [ ./clang-6.0.patch ./CVE-2017-10140-cwd-db_config.patch ];
}) })

2
pkgs/development/libraries/db/db-6.2.nix
View File

@ -4,5 +4,5 @@ import ./generic.nix (args // rec {
version = "6.2.23"; version = "6.2.23";
sha256 = "1isxx4jfmnh913jzhp8hhfngbk6dsg46f4kjpvvc56maj64jqqa7"; sha256 = "1isxx4jfmnh913jzhp8hhfngbk6dsg46f4kjpvvc56maj64jqqa7";
license = stdenv.lib.licenses.agpl3; license = stdenv.lib.licenses.agpl3;
extraPatches = [ ./clang-6.0.patch ]; extraPatches = [ ./clang-6.0.patch ./CVE-2017-10140-cwd-db_config.patch ];
}) })