ppp: add patch to fix CVE-2015-3310

This commit is contained in:
Franz Pletz 2017-01-26 00:40:17 +01:00 committed by Graham Christensen
parent 6a02d48c72
commit 9ac6297b79
No known key found for this signature in database
GPG Key ID: 06121D366FE9435C

View File

@ -18,6 +18,11 @@ stdenv.mkDerivation rec {
# Without nonpriv.patch, pppd --version doesn't work when not run as
# root.
./nonpriv.patch
(fetchurl {
name = "CVE-2015-3310.patch";
url = "https://anonscm.debian.org/git/collab-maint/pkg-ppp.git/plain/debian/patches/rc_mksid-no-buffer-overflow?h=debian/2.4.7-1%2b4";
sha256 = "1dk00j7bg9nfgskw39fagnwv1xgsmyv0xnkd6n1v5gy0psw0lvqh";
})
];
buildInputs = [ libpcap ];