libevent: apply security patches from Debian

/cc #23072. As with curl, it's nontrivial rebuild but security... https://lwn.net/Alerts/714571/
2024-11-27 17:33:09 +00:00 · 2017-02-22 18:56:56 +01:00 · 2017-02-22 18:56:56 +01:00 · f5eea8ba1d
commit f5eea8ba1d
parent 838e29d236
1 changed files with 14 additions and 0 deletions
--- a/pkgs/development/libraries/libevent/default.nix
+++ b/pkgs/development/libraries/libevent/default.nix
@ -9,6 +9,20 @@ stdenv.mkDerivation {
    sha256 = "18qz9qfwrkakmazdlwxvjmw8p76g70n3faikwvdwznns1agw9hki";
  };

+  prePatch = let
+      # https://lwn.net/Vulnerabilities/714581/
+      debian = fetchurl {
+        url = "http://http.debian.net/debian/pool/main/libe/libevent/"
+            + "libevent_2.0.21-stable-3.debian.tar.xz";
+        sha256 = "0b2syswiq3cvfbdvi4lbca15c31lilxnahax4a4b4qxi5fcab7h5";
+      };
+    in ''
+      tar xf '${debian}'
+      patches="$patches $(cat debian/patches/series | grep -v '^$\|^#' \
+                          | grep -v '^20d6d445.patch' \
+                          | grep -v '^dh-autoreconf' | sed 's|^|debian/patches/|')"
+    '';
+
  outputs = [ "out" "dev" ];
  outputBin = "dev";