forked from mirrors/nixpkgs
Merge pull request #57963 from andir/samba
samba/ldb: fix CVE-2019-3824
This commit is contained in:
commit
77166e7636
|
@ -19,6 +19,17 @@ stdenv.mkDerivation rec {
|
||||||
cmocka
|
cmocka
|
||||||
];
|
];
|
||||||
|
|
||||||
|
patches = [
|
||||||
|
# CVE-2019-3824
|
||||||
|
# downloading the patch from debian as they have ported the patch from samba to ldb but otherwise is identical to
|
||||||
|
# https://bugzilla.samba.org/attachment.cgi?id=14857
|
||||||
|
(fetchurl {
|
||||||
|
name = "CVE-2019-3824.patch";
|
||||||
|
url = "https://sources.debian.org/data/main/l/ldb/2:1.1.27-1+deb9u1/debian/patches/CVE-2019-3824-master-v4-5-02.patch";
|
||||||
|
sha256 = "1idnqckvjh18rh9sbq90rr4sxfviha9nd1ca9pd6lai0y6r6q4yd";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
preConfigure = ''
|
preConfigure = ''
|
||||||
sed -i 's,#!/usr/bin/env python,#!${python}/bin/python,g' buildtools/bin/waf
|
sed -i 's,#!/usr/bin/env python,#!${python}/bin/python,g' buildtools/bin/waf
|
||||||
'';
|
'';
|
||||||
|
|
|
@ -33,10 +33,18 @@ stdenv.mkDerivation rec {
|
||||||
[ ./4.x-no-persistent-install.patch
|
[ ./4.x-no-persistent-install.patch
|
||||||
./patch-source3__libads__kerberos_keytab.c.patch
|
./patch-source3__libads__kerberos_keytab.c.patch
|
||||||
./4.x-no-persistent-install-dynconfig.patch
|
./4.x-no-persistent-install-dynconfig.patch
|
||||||
|
|
||||||
|
# conditionall disable MacOS incompatible tests
|
||||||
(fetchpatch {
|
(fetchpatch {
|
||||||
url = "https://patch-diff.githubusercontent.com/raw/samba-team/samba/pull/107.patch";
|
url = "https://patch-diff.githubusercontent.com/raw/samba-team/samba/pull/107.patch";
|
||||||
sha256 = "0r6q34vjj0bdzmcbnrkad9rww58k4krbwicv4gs1g3dj49skpvd6";
|
sha256 = "0r6q34vjj0bdzmcbnrkad9rww58k4krbwicv4gs1g3dj49skpvd6";
|
||||||
})
|
})
|
||||||
|
|
||||||
|
(fetchpatch {
|
||||||
|
name = "CVE-2019-3824.patch";
|
||||||
|
url = "https://attachments.samba.org/attachment.cgi?id=14859";
|
||||||
|
sha256 = "02qf3zr55mzbimqdv01k3b22jjb084vfr5zabapyr5h1f588mw0q";
|
||||||
|
})
|
||||||
];
|
];
|
||||||
|
|
||||||
buildInputs =
|
buildInputs =
|
||||||
|
|
Loading…
Reference in a new issue