forked from mirrors/nixpkgs
cyrus_sasl: 2.1.27 -> 2.1.28
https://www.cyrusimap.org/sasl/sasl/release-notes/2.1/index.html#new-in-2-1-28 Fixes: CVE-2022-24407 ("Escape password for SQL insert/update commands.") Co-Authored-By: illustris <rharikrishnan95@gmail.com>
This commit is contained in:
parent
3bab4ac337
commit
1bcbec677a
|
@ -1,12 +1,13 @@
|
|||
--- a/m4/sasl2.m4 2018-11-18 22:33:29.902625600 +0300
|
||||
+++ b/m4/sasl2.m4 2018-11-18 22:33:59.828746176 +0300
|
||||
@@ -339,7 +339,8 @@
|
||||
],
|
||||
[ AC_DEFINE(HAVE_GSS_SPNEGO,,[Define if your GSSAPI implementation supports SPNEGO])
|
||||
AC_MSG_RESULT(yes) ],
|
||||
- AC_MSG_RESULT(no))
|
||||
+ AC_MSG_RESULT(no),
|
||||
+ AC_MSG_RESULT(no))
|
||||
LIBS="$cmu_save_LIBS"
|
||||
diff --git a/m4/sasl2.m4 b/m4/sasl2.m4
|
||||
index 098c853a..91d98def 100644
|
||||
--- a/m4/sasl2.m4
|
||||
+++ b/m4/sasl2.m4
|
||||
@@ -350,7 +350,7 @@ int main(void)
|
||||
|
||||
else
|
||||
return (!have_spnego); // 0 = success, 1 = failure
|
||||
}
|
||||
-],[ac_cv_gssapi_supports_spnego=yes],[ac_cv_gssapi_supports_spnego=no])
|
||||
+],[ac_cv_gssapi_supports_spnego=yes],[ac_cv_gssapi_supports_spnego=no],[ac_cv_gssapi_supports_spnego=no])
|
||||
LIBS="$cmu_save_LIBS"
|
||||
])
|
||||
AS_IF([test "$ac_cv_gssapi_supports_spnego" = yes],[
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
{ lib, stdenv, fetchurl, openssl, openldap, libkrb5, db, gettext
|
||||
, pam, fixDarwinDylibNames, autoreconfHook, enableLdap ? false
|
||||
, buildPackages, pruneLibtoolFiles, fetchpatch }:
|
||||
, buildPackages, pruneLibtoolFiles }:
|
||||
|
||||
with lib;
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "cyrus-sasl";
|
||||
version = "2.1.27";
|
||||
version = "2.1.28";
|
||||
|
||||
src = fetchurl {
|
||||
urls =
|
||||
|
@ -13,9 +13,14 @@ stdenv.mkDerivation rec {
|
|||
"http://www.cyrusimap.org/releases/${pname}-${version}.tar.gz"
|
||||
"http://www.cyrusimap.org/releases/old/${pname}-${version}.tar.gz"
|
||||
];
|
||||
sha256 = "1m85zcpgfdhm43cavpdkhb1s2zq1b31472hq1w1gs3xh94anp1i6";
|
||||
sha256 = "sha256-fM/Gq9Ae1nwaCSSzU+Um8bdmsh9C1FYu5jWo6/xbs4w=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# Fix cross-compilation
|
||||
./cyrus-sasl-ac-try-run-fix.patch
|
||||
];
|
||||
|
||||
outputs = [ "bin" "dev" "out" "man" "devdoc" ];
|
||||
|
||||
depsBuildBuild = [ buildPackages.stdenv.cc ];
|
||||
|
@ -26,16 +31,6 @@ stdenv.mkDerivation rec {
|
|||
++ lib.optional enableLdap openldap
|
||||
++ lib.optional stdenv.isLinux pam;
|
||||
|
||||
patches = [
|
||||
./missing-size_t.patch # https://bugzilla.redhat.com/show_bug.cgi?id=906519
|
||||
./cyrus-sasl-ac-try-run-fix.patch
|
||||
(fetchpatch {
|
||||
name = "CVE-2019-19906.patch";
|
||||
url = "https://sources.debian.org/data/main/c/cyrus-sasl2/2.1.27+dfsg-1+deb10u1/debian/patches/0021-CVE-2019-19906.patch";
|
||||
sha256 = "1n4c5wg7l9j8rlbvx8i605j5d39xmj5wm618k8acxl4fmglcmfls";
|
||||
})
|
||||
];
|
||||
|
||||
configureFlags = [
|
||||
"--with-openssl=${openssl.dev}"
|
||||
"--with-plugindir=${placeholder "out"}/lib/sasl2"
|
||||
|
|
|
@ -1,13 +0,0 @@
|
|||
Gentoo bug #458790
|
||||
--- a/include/sasl.h 2012-10-12 17:05:48.000000000 +0300
|
||||
+++ b/include/sasl.h 2013-02-23 16:56:44.648786268 +0200
|
||||
@@ -121,6 +121,9 @@
|
||||
#ifndef SASL_H
|
||||
#define SASL_H 1
|
||||
|
||||
+/* stddef.h to get size_t defined */
|
||||
+#include <stddef.h>
|
||||
+
|
||||
/* Keep in sync with win32/common.mak */
|
||||
#define SASL_VERSION_MAJOR 2
|
||||
#define SASL_VERSION_MINOR 1
|
Loading…
Reference in a new issue