mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-11-14 05:37:40 +03:00
libssh2-1.9.0: apply patch for CVE-2019-17498
No upstream release yet, but https://github.com/libssh2/libssh2/pull/402 has been accepted by upstream devs. Original advisory: https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/ Re #73662
This commit is contained in:
parent
d9eb897edd
commit
4682b29aad
@ -14,6 +14,15 @@ stdenv.mkDerivation rec {
|
|||||||
buildInputs = [ openssl zlib ]
|
buildInputs = [ openssl zlib ]
|
||||||
++ stdenv.lib.optional stdenv.hostPlatform.isMinGW windows.mingw_w64;
|
++ stdenv.lib.optional stdenv.hostPlatform.isMinGW windows.mingw_w64;
|
||||||
|
|
||||||
|
patches = [
|
||||||
|
# not able to use fetchpatch here: infinite recursion
|
||||||
|
(fetchurl {
|
||||||
|
name = "CVE-2019-17498.patch";
|
||||||
|
url = "https://github.com/libssh2/libssh2/pull/402.patch";
|
||||||
|
sha256 = "1n9s2mcz5dkw0xpm3c5x4hzj8bar4i6z0pr1rmqjplhfg888vdvc";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
meta = with stdenv.lib; {
|
meta = with stdenv.lib; {
|
||||||
description = "A client-side C library implementing the SSH2 protocol";
|
description = "A client-side C library implementing the SSH2 protocol";
|
||||||
homepage = https://www.libssh2.org;
|
homepage = https://www.libssh2.org;
|
||||||
|
Loading…
Reference in New Issue
Block a user