1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-22 13:41:26 +00:00

qemu: patch security issues in 9pfs

CVE-2016-7116, others have no ID assigned, yet.
Fixes from 2.7 tree.
This commit is contained in:
Robin Gloster 2016-08-31 13:25:47 +02:00
parent 24f36cce50
commit 7eaa83a3e9
No known key found for this signature in database
GPG key ID: 5E4C836C632C2882

View file

@ -1,6 +1,6 @@
{ stdenv, fetchurl, python, zlib, pkgconfig, glib, ncurses, perl, pixman
, vde2, alsaLib, texinfo, libuuid, flex, bison, lzo, snappy
, libaio, gnutls, nettle
{ stdenv, fetchurl, fetchpatch, python, zlib, pkgconfig, glib
, ncurses, perl, pixman, vde2, alsaLib, texinfo, libuuid, flex
, bison, lzo, snappy, libaio, gnutls, nettle
, makeWrapper
, attr, libcap, libcap_ng
, CoreServices, Cocoa, rez, setfile
@ -45,7 +45,24 @@ stdenv.mkDerivation rec {
enableParallelBuilding = true;
patches = [ ./no-etc-install.patch ];
patches = [
./no-etc-install.patch
(fetchpatch {
url = "http://git.qemu.org/?p=qemu.git;a=patch;h=fff39a7ad09da07ef490de05c92c91f22f8002f2";
name = "9pfs-forbid-illegal-path-names.patch";
sha256 = "081j85p6m7s1cfh3aq1i2av2fsiarlri9gs939s0wvc6pdyb4b70";
})
(fetchpatch {
url = "http://git.qemu.org/?p=qemu.git;a=patch;h=805b5d98c649d26fc44d2d7755a97f18e62b438a";
name = "9pfs-forbid-.-and-..-in-file-names.patch";
sha256 = "0km6knll492dx745gx37bi6dhmz08cmjiyf479ajkykp0aljii24";
})
(fetchpatch {
url = "http://git.qemu.org/?p=qemu.git;a=patch;h=56f101ecce0eafd09e2daf1c4eeb1377d6959261";
name = "9pfs-directory-traversal-CVE-2016-7116.patch";
sha256 = "06pr070qj19w5mjxr36bcqxmgpiczncigqsbwfc8ncjhm1h7dmry";
})
];
configureFlags =
[ "--smbd=smbd" # use `smbd' from $PATH