From f01acd4cd57e1c9fc30323edf193b72db391eb0b Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Tue, 21 Nov 2017 21:36:00 +0100 Subject: [PATCH] clamav: apply patch for CVE-2017-6420 Details at [1]. [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6420 --- pkgs/tools/security/clamav/default.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/pkgs/tools/security/clamav/default.nix b/pkgs/tools/security/clamav/default.nix index 83a2a1fd85ea..506d6fc3fce8 100644 --- a/pkgs/tools/security/clamav/default.nix +++ b/pkgs/tools/security/clamav/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, zlib, bzip2, libiconv, libxml2, openssl, ncurses, curl +{ stdenv, fetchurl, fetchpatch, zlib, bzip2, libiconv, libxml2, openssl, ncurses, curl , libmilter, pcre }: stdenv.mkDerivation rec { @@ -10,6 +10,14 @@ stdenv.mkDerivation rec { sha256 = "0yh2q318bnmf2152g2h1yvzgqbswn0wvbzb8p4kf7v057shxcyqn"; }; + patches = [ + (fetchpatch { + name = "CVE-2017-6420.patch"; + url = "https://github.com/vrtadmin/clamav-devel/commit/dfc00cd3301a42b571454b51a6102eecf58407bc.patch"; + sha256 = "08w3p3a4pmi0cmcmyxkagsbn3g0jgx1jqlc34pn141x0qzrlqr60"; + }) + ]; + # don't install sample config files into the absolute sysconfdir folder postPatch = '' substituteInPlace Makefile.in --replace ' etc ' ' '