alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity

hostapd: add patch for CVE-2021-30004

Browse source 
In wpa_supplicant and hostapd 2.9, forging attacks may occur because
AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and
tls/x509v3.c.

Fixes: CVE-2021-30004
This commit is contained in:
Martin Weinelt 2021-04-13 19:32:22 +02:00
parent 9f9ab6fffc
commit 4480a056c9
No known key found for this signature in database
GPG key ID: 87C1E9888F856759
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
pkgs/os-specific/linux/hostapd/default.nix
View file

@ -1,4 +1,4 @@
{ lib, stdenv, fetchurl, pkg-config, libnl, openssl, sqlite ? null }:
{ lib, stdenv, fetchurl, fetchpatch, pkg-config, libnl, openssl, sqlite ? null }:
stdenv.mkDerivation rec {
pname = "hostapd";
@ -43,6 +43,12 @@ stdenv.mkDerivation rec {
url = "https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch";
sha256 = "12npqp2skgrj934wwkqicgqksma0fxz09di29n1b5fm5i4njl8d8";
})
# In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
(fetchpatch {
name = "CVE-2021-30004.patch";
url = "https://w1.fi/cgit/hostap/patch/?id=a0541334a6394f8237a4393b7372693cd7e96f15";
sha256 = "1gbhlz41x1ar1hppnb76pqxj6vimiypy7c4kq6h658637s4am3xg";
})
];
outputs = [ "out" "man" ];