tcpdump: 4.9.1 -> 4.9.2

This is a security release theoretically under emgargo, but leaked by
Mageia and Fedora.

We have permission to deliver this prior to public release.
This commit is contained in:
Robin Gloster 2017-09-06 14:53:09 +02:00
parent 41d9884067
commit 993a83d395
No known key found for this signature in database
GPG Key ID: D5C458DF6DD97EDF

View File

@ -1,36 +1,22 @@
{ stdenv, fetchFromGitHub, fetchpatch, libpcap, enableStatic ? false
{ stdenv, fetchurl, fetchpatch, libpcap, enableStatic ? false
, hostPlatform
}:
stdenv.mkDerivation rec {
name = "tcpdump-${version}";
version = "4.9.1";
version = "4.9.2";
src = fetchFromGitHub rec {
owner = "the-tcpdump-group";
repo = "tcpdump";
rev = "${repo}-${version}";
sha256 = "1vzrvn1q7x28h18yskqc390y357pzpg5xd3pzzj4xz3llnvsr64p";
# leaked embargoed security update
src = fetchurl {
url = "https://src.fedoraproject.org/lookaside/pkgs/tcpdump/tcpdump-4.9.2.tar.gz/sha512/e1bc19a5867d6e3628f3941bdf3ec831bf13784f1233ca1bccc46aac1702f47ee9357d7ff0ca62cddf211b3c8884488c21144cabddd92c861e32398cd8f7c44b/tcpdump-4.9.2.tar.gz";
sha256 = "0ygy0layzqaj838r5xd613iraz09wlfgpyh7pc6cwclql8v3b2vr";
};
patches = [
(fetchpatch {
url = "http://www.tcpdump.org/pre-4.9.2/PUBLISHED-CVE-2017-11541.patch";
sha256 = "1lqg4lbyddnv75wpj0rs2sxz4lb3d1vp8n385i27mrpcxw9qaxia";
})
(fetchpatch {
url = "http://www.tcpdump.org/pre-4.9.2/PUBLISHED-CVE-2017-11542.patch";
sha256 = "0vqgmw9i5vr3d4siyrh8mw60jdmp5r66rbjxfmbnwhlfjf4bwxz4";
})
(fetchpatch {
url = "http://www.tcpdump.org/pre-4.9.2/PUBLISHED-CVE-2017-11543.patch";
sha256 = "1vk9ncpx0qjja8l69xw5kkvgy9fkcii2n98diazv1yndln2cs26l";
})
(fetchpatch {
url = "http://www.tcpdump.org/pre-4.9.2/PUBLISHED-OpenSSL-1.1-segfault.patch";
sha256 = "0mw0jdj5nyg4sviqj7wxwf2492b2bdqmjrvf1k34ak417xfcvy1d";
})
];
# src = fetchFromGitHub rec {
# owner = "the-tcpdump-group";
# repo = "tcpdump";
# rev = "${repo}-${version}";
# sha256 = "1vzrvn1q7x28h18yskqc390y357pzpg5xd3pzzj4xz3llnvsr64p";
# };
buildInputs = [ libpcap ];