nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-26 17:03:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

busybox: 1.32.1 -> 1.33.1; clarify license

Browse Source 
The patch for CVE-2021-28831 is included in this release.
This commit is contained in:
Alyssa Ross 2021-06-09 11:14:34 +00:00
parent 29536e9650
commit cd92f32734
1 changed files with 5 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
pkgs/os-specific/linux/busybox/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, lib, buildPackages, fetchurl, fetchFromGitLab, fetchpatch
{ stdenv, lib, buildPackages, fetchurl, fetchFromGitLab
, enableStatic ? stdenv.hostPlatform.isStatic
, enableMinimal ? false
# Allow forcing musl without switching stdenv itself, e.g. for our bootstrapping:
@ -32,7 +32,7 @@ let
CONFIG_FEATURE_WTMP n
'';
# The debian version lacks behind the upstream version and also contains
# The debian version lags behind the upstream version and also contains
# a debian-specific suffix. We only fetch the debian repository to get the
# default.script
debianVersion = "1.30.1-6";
@ -49,17 +49,14 @@ in
stdenv.mkDerivation rec {
pname = "busybox";
# TODO: When bumping to next version, remove the patch
# for CVE-2021-28831 (assuming the patch was included in
# the next upstream release)
version = "1.32.1";
version = "1.33.1";
# Note to whoever is updating busybox: please verify that:
# nix-build pkgs/stdenv/linux/make-bootstrap-tools.nix -A test
# still builds after the update.
src = fetchurl {
url = "https://busybox.net/downloads/${pname}-${version}.tar.bz2";
sha256 = "1vhd59qmrdyrr1q7rvxmyl96z192mxl089hi87yl0hcp6fyw8mwx";
sha256 = "0a0dcvsh7nxnhxc5y73fky0z30i9p7r30qfidm2akn0n5fywdkhj";
};
hardeningDisable = [ "format" "pie" ]
@ -67,11 +64,6 @@ stdenv.mkDerivation rec {
patches = [
./busybox-in-store.patch
(fetchpatch {
name = "CVE-2021-28831.patch";
url = "https://git.busybox.net/busybox/patch/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd";
sha256 = "0y79flfbk45krwn963nnbqc21a88bsz4k4asqwvcnfk2lkciadxm";
}) # TODO: Removing when bumping the version
] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) ./clang-cross.patch;
postPatch = "patchShebangs .";
@ -142,7 +134,7 @@ stdenv.mkDerivation rec {
meta = with lib; {
description = "Tiny versions of common UNIX utilities in a single small executable";
homepage = "https://busybox.net/";
license = licenses.gpl2;
license = licenses.gpl2Only;
maintainers = with maintainers; [ TethysSvensson ];
platforms = platforms.linux;
priority = 10;