mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-19 04:02:10 +00:00
Code Issues Wiki Activity

Merge pull request #125554 from mweinelt/polkit

Browse source 
polkit: Fix authentication bypass vulnerability
This commit is contained in:
Luke Granger-Brown 2021-06-04 01:23:15 +01:00 committed by GitHub
parent 2959ad27de 26ac1d5db9
commit 2e88b6f989
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
pkgs/development/libraries/polkit/default.nix
View file

@ -34,6 +34,13 @@ stdenv.mkDerivation rec {
url = "https://gitlab.freedesktop.org/polkit/polkit/commit/5dd4e22efd05d55833c4634b56e473812b5acbf2.patch";
sha256 = "17lv7xj5ksa27iv4zpm4zwd4iy8zbwjj4ximslfq3sasiz9kxhlp";
})
(fetchpatch {
# https://www.openwall.com/lists/oss-security/2021/06/03/1
# https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/79
name = "CVE-2021-3560.patch";
url = "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81.patch";
sha256 = "157ddsizgr290jsb8fpafrc37gc1qw5pdvl351vnn3pzhqs7n6f4";
})
] ++ lib.optionals stdenv.hostPlatform.isMusl [
# Make netgroup support optional (musl does not have it)
# Upstream MR: https://gitlab.freedesktop.org/polkit/polkit/merge_requests/10