pure-ftpd: add patches for CVE-2020-9274, CVE-2020-9365

Fixes merged to upstream's master but no release yet.
2024-11-01 23:22:37 +00:00 · 2020-08-12 21:08:15 +01:00 · 2020-08-12 21:08:15 +01:00 · 5b072a4fc0
commit 5b072a4fc0
parent 3fab3cc2fb
1 changed files with 14 additions and 1 deletions
--- a/pkgs/servers/ftp/pure-ftpd/default.nix
+++ b/pkgs/servers/ftp/pure-ftpd/default.nix
@ -1,4 +1,4 @@
-{ stdenv, fetchurl, openssl }:
+{ stdenv, fetchurl, openssl, fetchpatch }:

 stdenv.mkDerivation rec {
  name = "pure-ftpd-1.0.49";
@ -8,6 +8,19 @@ stdenv.mkDerivation rec {
    sha256 = "19cjr262n6h560fi9nm7l1srwf93k34bp8dp1c6gh90bqxcg8yvn";
  };

+  patches = [
+    (fetchpatch {
+      name = "CVE-2020-9274.patch";
+      url = "https://github.com/jedisct1/pure-ftpd/commit/8d0d42542e2cb7a56d645fbe4d0ef436e38bcefa.patch";
+      sha256 = "1yd84p6bd4rf21hg3kqpi2a02cac6dz5ag4xx3c2dl5vbzhr5a8k";
+    })
+    (fetchpatch {
+      name = "CVE-2020-9365.patch";
+      url = "https://github.com/jedisct1/pure-ftpd/commit/bf6fcd4935e95128cf22af5924cdc8fe5c0579da.patch";
+      sha256 = "003klx7j82qf92qr1dxg32v5r2bhhywplynd3xil1lbcd3s3mqhi";
+    })
+  ];
+
  buildInputs = [ openssl ];

  configureFlags = [ "--with-tls" ];