libmicrohttpd: Apply patch for CVE-2023-27371

https://lists.gnu.org/archive/html/libmicrohttpd/2023-02/msg00000.html
This commit is contained in:
Martin Weinelt 2023-03-18 12:45:34 +01:00
parent 97b2abc678
commit e31ac7227e
No known key found for this signature in database
GPG Key ID: 87C1E9888F856759

View File

@ -1,4 +1,4 @@
{ lib, stdenv, libgcrypt, curl, gnutls, pkg-config, libiconv, libintl, version, src, meta ? {} }:
{ lib, stdenv, libgcrypt, curl, gnutls, pkg-config, libiconv, libintl, version, src, meta ? {}, fetchpatch }:
let
meta_ = meta;
@ -8,6 +8,17 @@ stdenv.mkDerivation rec {
pname = "libmicrohttpd";
inherit version src;
patches = lib.optionals (lib.versionOlder version "0.9.76") [
(fetchpatch {
name = "CVE-2023-27371.patch";
url = "https://git.gnunet.org/libmicrohttpd.git/patch/?id=e0754d1638c602382384f1eface30854b1defeec";
hash = "sha256-vzrq9HPysGpc13rFEk6zLPgpUqp/ST4q/Wp30Dam97k=";
excludes = [
"ChangeLog"
];
})
];
outputs = [ "out" "dev" "devdoc" "info" ];
nativeBuildInputs = [ pkg-config ];
buildInputs = [ libgcrypt curl gnutls libiconv libintl ];