From 3628595ebad897df7f810a4311f9818b8c74dd46 Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Sun, 19 Nov 2017 17:39:01 +0100 Subject: [PATCH] couchdb2: 2.0.0 -> 2.1.1 for multiple CVEs Fixes CVE-2017-12635, CVE-2017-12636. https://blog.couchdb.org/2017/11/14/apache-couchdb-cve-2017-12635-and-cve-2017-12636/ --- pkgs/servers/http/couchdb/2.0.0.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/http/couchdb/2.0.0.nix b/pkgs/servers/http/couchdb/2.0.0.nix index 1e56a2dac48d..f94ff56373d4 100644 --- a/pkgs/servers/http/couchdb/2.0.0.nix +++ b/pkgs/servers/http/couchdb/2.0.0.nix @@ -3,14 +3,15 @@ stdenv.mkDerivation rec { name = "couchdb-${version}"; - version = "2.0.0"; + version = "2.1.1"; src = fetchurl { url = "mirror://apache/couchdb/source/${version}/apache-${name}.tar.gz"; - sha256 = "1jkfx6g9anrgmkhrkcn50axcamragranwsciw1rhmi86rglkrbyc"; + sha256 = "1k3v9v05417087b6fcj5yv03wl6i61xqrrhp0prl9b3ir2mmbwnm"; }; - buildInputs = [ erlang icu openssl spidermonkey makeWrapper ]; + nativeBuildInputs = [ makeWrapper ]; + buildInputs = [ erlang icu openssl spidermonkey ]; patches = [ ./jsapi.patch ]; postPatch = ''