mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-26 00:43:20 +00:00
Revert "Revert "icu: patch for multiple CVEs""
icu: patch for multiple CVEs - CVE-2014-6585 - CVE-2015-4760 - CVE-2016-0494 - CVE-2016-6293 - CVE-2016-7415
This commit is contained in:
parent
96393560d0
commit
ea07ad6bd9
@ -1,7 +1,7 @@
|
||||
{ stdenv, fetchurl, fixDarwinDylibNames }:
|
||||
{ stdenv, fetchurl, fetchpatch, fixDarwinDylibNames }:
|
||||
|
||||
let
|
||||
icu = import ./default.nix { inherit stdenv fetchurl fixDarwinDylibNames; };
|
||||
icu = import ./default.nix { inherit stdenv fetchurl fetchpatch fixDarwinDylibNames; };
|
||||
in
|
||||
stdenv.lib.overrideDerivation icu (attrs: {
|
||||
src = fetchurl {
|
||||
@ -9,4 +9,3 @@ in
|
||||
sha256 = "1cwapgjmvrcv1n2wjspj3vahidg596gjfp4jn1gcb4baralcjayl";
|
||||
};
|
||||
})
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ stdenv, fetchurl, fixDarwinDylibNames }:
|
||||
{ stdenv, fetchurl, fetchpatch, fixDarwinDylibNames }:
|
||||
|
||||
let
|
||||
pname = "icu4c";
|
||||
@ -25,6 +25,38 @@ stdenv.mkDerivation ({
|
||||
echo Source root reset to ''${sourceRoot}
|
||||
'';
|
||||
|
||||
# This pre/postPatch shenanigans is to handle that the patches expect
|
||||
# to be outside of `source`.
|
||||
prePatch = ''
|
||||
pushd ..
|
||||
'';
|
||||
postPatch = ''
|
||||
popd
|
||||
'';
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
url = "https://sources.debian.net/data/main/i/icu/57.1-5/debian/patches/CVE-2014-6585.patch";
|
||||
sha256 = "1s8kqax444pqf5chwxvgsx1n1dx7v74h34fqh08fyq57mcjnpj4d";
|
||||
})
|
||||
(fetchpatch {
|
||||
url = "https://sources.debian.net/data/main/i/icu/57.1-5/debian/patches/CVE-2015-4760.patch";
|
||||
sha256 = "08gawyqbylk28i9pxv9vsw2drdpd6i97q0aml4nmv2xyb1ala0wp";
|
||||
})
|
||||
(fetchpatch {
|
||||
url = "https://sources.debian.net/data/main/i/icu/57.1-5/debian/patches/CVE-2016-0494.patch";
|
||||
sha256 = "1741s8lpmnizjprzk3xb7zkm5fznzgk8hhlrs8a338c18nalvxay";
|
||||
})
|
||||
(fetchpatch {
|
||||
url = "https://sources.debian.net/data/main/i/icu/57.1-5/debian/patches/CVE-2016-6293.patch";
|
||||
sha256 = "01h4xcss1vmsr60ijkv4lxsgvspwimyss61zp9nq4xd5i3kk1f4b";
|
||||
})
|
||||
(fetchpatch {
|
||||
url = "https://sources.debian.net/data/main/i/icu/57.1-5/debian/patches/CVE-2016-7415.patch";
|
||||
sha256 = "01d070h8d7rkj55ac8isr64m999bv5znc8vnxa7aajglsfidzs2r";
|
||||
})
|
||||
];
|
||||
|
||||
preConfigure = ''
|
||||
sed -i -e "s|/bin/sh|${stdenv.shell}|" configure
|
||||
'';
|
||||
|
Loading…
Reference in New Issue
Block a user