3
0
Fork 0
forked from mirrors/nixpkgs

db{48,53,60,62}: add patch to fix CVE-2017-10140

This commit is contained in:
Franz Pletz 2017-10-24 13:03:20 +02:00
parent 9bd9305602
commit 5072f4792e
No known key found for this signature in database
GPG key ID: 846FDED7792617B4
6 changed files with 26 additions and 4 deletions

View file

@ -0,0 +1,11 @@
--- a/env/env_open.c.old 2017-06-26 10:32:11.011419981 +0200
+++ b/env/env_open.c 2017-06-26 10:32:46.893721233 +0200
@@ -473,7 +473,7 @@
env->db_mode = mode == 0 ? DB_MODE_660 : mode;
/* Read the DB_CONFIG file. */
- if ((ret = __env_read_db_config(env)) != 0)
+ if (env->db_home != NULL && (ret = __env_read_db_config(env)) != 0)
return (ret);
/*

View file

@ -0,0 +1,11 @@
--- db-5.3.28/src/env/env_open.c.old 2017-06-26 10:32:11.011419981 +0200
+++ db-5.3.28/src/env/env_open.c 2017-06-26 10:32:46.893721233 +0200
@@ -473,7 +473,7 @@
env->db_mode = mode == 0 ? DB_MODE_660 : mode;
/* Read the DB_CONFIG file. */
- if ((ret = __env_read_db_config(env)) != 0)
+ if (env->db_home != NULL && (ret = __env_read_db_config(env)) != 0)
return (ret);
/*

View file

@ -3,7 +3,7 @@
import ./generic.nix (args // rec {
version = "4.8.30";
sha256 = "0ampbl2f0hb1nix195kz1syrqqxpmvnvnfvphambj7xjrl3iljg0";
extraPatches = [ ./clang-4.8.patch ];
extraPatches = [ ./clang-4.8.patch ./CVE-2017-10140-4.8-cwd-db_config.patch ];
drvArgs.hardeningDisable = [ "format" ];
drvArgs.doCheck = false;

View file

@ -3,5 +3,5 @@
import ./generic.nix (args // rec {
version = "5.3.28";
sha256 = "0a1n5hbl7027fbz5lm0vp0zzfp1hmxnz14wx3zl9563h83br5ag0";
extraPatches = [ ./clang-5.3.patch ];
extraPatches = [ ./clang-5.3.patch ./CVE-2017-10140-cwd-db_config.patch ];
})

View file

@ -4,5 +4,5 @@ import ./generic.nix (args // rec {
version = "6.0.20";
sha256 = "00r2aaglq625y8r9xd5vw2y070plp88f1mb2gbq3kqsl7128lsl0";
license = stdenv.lib.licenses.agpl3;
extraPatches = [ ./clang-6.0.patch ];
extraPatches = [ ./clang-6.0.patch ./CVE-2017-10140-cwd-db_config.patch ];
})

View file

@ -4,5 +4,5 @@ import ./generic.nix (args // rec {
version = "6.2.23";
sha256 = "1isxx4jfmnh913jzhp8hhfngbk6dsg46f4kjpvvc56maj64jqqa7";
license = stdenv.lib.licenses.agpl3;
extraPatches = [ ./clang-6.0.patch ];
extraPatches = [ ./clang-6.0.patch ./CVE-2017-10140-cwd-db_config.patch ];
})