mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-12-25 20:34:52 +03:00
libheimdal: 7.4.0 -> 7.5.0
In Heimdal 7.1 through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. Security: CVE-2017-17439
This commit is contained in:
parent
d32ce054a2
commit
5566bf97e5
@ -0,0 +1,10 @@
|
||||
--- a/lib/hx509/Makefile.am 2018-03-21 15:41:38.622968809 +0100
|
||||
+++ b/lib/hx509/Makefile.am 2018-03-21 15:41:32.655162197 +0100
|
||||
@@ -9,6 +9,8 @@
|
||||
sel-gram.h \
|
||||
$(gen_files_ocsp:.x=.c) \
|
||||
$(gen_files_pkcs10:.x=.c) \
|
||||
+ ocsp_asn1.h \
|
||||
+ pkcs10_asn1.h \
|
||||
hx509_err.c \
|
||||
hx509_err.h
|
@ -12,15 +12,17 @@ in
|
||||
with stdenv.lib;
|
||||
stdenv.mkDerivation rec {
|
||||
name = "${type}heimdal-${version}";
|
||||
version = "7.4.0";
|
||||
version = "7.5.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "heimdal";
|
||||
repo = "heimdal";
|
||||
rev = "heimdal-${version}";
|
||||
sha256 = "01ch6kqjrxi9fki54yjj2fhxhdkxijz161w2inh5k8mcixlf67vp";
|
||||
sha256 = "1j38wjj4k0q8vx168k3d3k0fwa8j1q5q8f2688nnx1b9qgjd6w1d";
|
||||
};
|
||||
|
||||
patches = [ ./heimdal-make-missing-headers.patch ];
|
||||
|
||||
nativeBuildInputs = [ autoreconfHook pkgconfig python2 perl yacc flex ]
|
||||
++ (with perlPackages; [ JSON ])
|
||||
++ optional (!libOnly) texinfo;
|
||||
@ -44,6 +46,10 @@ stdenv.mkDerivation rec {
|
||||
"--with-capng"
|
||||
];
|
||||
|
||||
postUnpack = ''
|
||||
sed -i '/^DEFAULT_INCLUDES/ s,$, -I..,' source/cf/Makefile.am.common
|
||||
'';
|
||||
|
||||
buildPhase = optionalString libOnly ''
|
||||
(cd include; make -j $NIX_BUILD_CORES)
|
||||
(cd lib; make -j $NIX_BUILD_CORES)
|
||||
|
Loading…
Reference in New Issue
Block a user