Merge pull request #85999 from mweinelt/hostapd/cve-2019-16275

hostapd: apply patch for CVE-2019-16275
2024-11-28 09:53:10 +00:00 · 2020-04-25 11:43:54 -04:00 · 2020-04-25 11:43:54 -04:00 · 8f25c2f4ef
commit 8f25c2f4ef
parent 1985c6b9d5 3e9f3a3ebd
1 changed files with 7 additions and 1 deletions
--- a/pkgs/os-specific/linux/hostapd/default.nix
+++ b/pkgs/os-specific/linux/hostapd/default.nix
@ -17,7 +17,13 @@ stdenv.mkDerivation rec {
      # Note: fetchurl seems to be unhappy with openwrt git
      # server's URLs containing semicolons. Using the github mirror instead.
      url = "https://raw.githubusercontent.com/openwrt/openwrt/master/package/network/services/hostapd/patches/300-noscan.patch";
-      sha256 = "04wg4yjc19wmwk6gia067z99gzzk9jacnwxh5wyia7k5wg71yj5k";})
+      sha256 = "04wg4yjc19wmwk6gia067z99gzzk9jacnwxh5wyia7k5wg71yj5k";
+    })
+    (fetchurl {
+      name = "CVE-2019-16275.patch";
+      url = "https://w1.fi/security/2019-7/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch";
+      sha256 = "15xjyy7crb557wxpx898b5lnyblxghlij0xby5lmj9hpwwss34dz";
+    })
  ];

  outputs = [ "out" "man" ];