minidlna: 1.3.0 -> 1.3.1

Prevents DNS rebinding attacks through malicious remote web servers. https://www.openwall.com/lists/oss-security/2022/03/03/1 Fixes: CVE-2022-26505
2024-11-24 16:03:23 +00:00 · 2022-03-06 11:42:33 +01:00 · 2022-03-06 11:42:33 +01:00 · a63d445772
commit a63d445772
parent a173e92ee4
1 changed files with 13 additions and 8 deletions
--- a/pkgs/tools/networking/minidlna/default.nix
+++ b/pkgs/tools/networking/minidlna/default.nix
@ -1,20 +1,25 @@
-{ lib, stdenv, fetchurl, ffmpeg, flac, libvorbis, libogg, libid3tag, libexif, libjpeg, sqlite, gettext }:
+{ lib, stdenv, fetchgit, autoreconfHook, ffmpeg, flac, libvorbis, libogg, libid3tag, libexif, libjpeg, sqlite, gettext }:

-let version = "1.3.0"; in
-
-stdenv.mkDerivation {
+let
  pname = "minidlna";
-  inherit version;
+  version = "1.3.1";
+in
+stdenv.mkDerivation {
+  inherit pname version;

-  src = fetchurl {
-    url = "mirror://sourceforge/project/minidlna/minidlna/${version}/minidlna-${version}.tar.gz";
-    sha256 = "0qrw5ny82p5ybccw4pp9jma8nwl28z927v0j2561m0289imv1na7";
+  # tarball for 1.3.1 is missing
+  src = fetchgit {
+    url = "https://git.code.sf.net/p/${pname}/git";
+    rev = "v${builtins.replaceStrings [ "." ] [ "_" ] version}";
+    hash = "sha256-nbvz/QHSZBTZEqX/utOoOF5vorhrxGqIBA9qfpIZzyU=";
  };

  preConfigure = ''
    export makeFlags="INSTALLPREFIX=$out"
  '';

+  nativeBuildInputs = [ autoreconfHook ];
+
  buildInputs = [ ffmpeg flac libvorbis libogg libid3tag libexif libjpeg sqlite gettext ];

  postInstall = ''