mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-22 13:41:26 +00:00
qemu: patch security issues in 9pfs
CVE-2016-7116, others have no ID assigned, yet. Fixes from 2.7 tree.
This commit is contained in:
parent
24f36cce50
commit
7eaa83a3e9
|
@ -1,6 +1,6 @@
|
||||||
{ stdenv, fetchurl, python, zlib, pkgconfig, glib, ncurses, perl, pixman
|
{ stdenv, fetchurl, fetchpatch, python, zlib, pkgconfig, glib
|
||||||
, vde2, alsaLib, texinfo, libuuid, flex, bison, lzo, snappy
|
, ncurses, perl, pixman, vde2, alsaLib, texinfo, libuuid, flex
|
||||||
, libaio, gnutls, nettle
|
, bison, lzo, snappy, libaio, gnutls, nettle
|
||||||
, makeWrapper
|
, makeWrapper
|
||||||
, attr, libcap, libcap_ng
|
, attr, libcap, libcap_ng
|
||||||
, CoreServices, Cocoa, rez, setfile
|
, CoreServices, Cocoa, rez, setfile
|
||||||
|
@ -45,7 +45,24 @@ stdenv.mkDerivation rec {
|
||||||
|
|
||||||
enableParallelBuilding = true;
|
enableParallelBuilding = true;
|
||||||
|
|
||||||
patches = [ ./no-etc-install.patch ];
|
patches = [
|
||||||
|
./no-etc-install.patch
|
||||||
|
(fetchpatch {
|
||||||
|
url = "http://git.qemu.org/?p=qemu.git;a=patch;h=fff39a7ad09da07ef490de05c92c91f22f8002f2";
|
||||||
|
name = "9pfs-forbid-illegal-path-names.patch";
|
||||||
|
sha256 = "081j85p6m7s1cfh3aq1i2av2fsiarlri9gs939s0wvc6pdyb4b70";
|
||||||
|
})
|
||||||
|
(fetchpatch {
|
||||||
|
url = "http://git.qemu.org/?p=qemu.git;a=patch;h=805b5d98c649d26fc44d2d7755a97f18e62b438a";
|
||||||
|
name = "9pfs-forbid-.-and-..-in-file-names.patch";
|
||||||
|
sha256 = "0km6knll492dx745gx37bi6dhmz08cmjiyf479ajkykp0aljii24";
|
||||||
|
})
|
||||||
|
(fetchpatch {
|
||||||
|
url = "http://git.qemu.org/?p=qemu.git;a=patch;h=56f101ecce0eafd09e2daf1c4eeb1377d6959261";
|
||||||
|
name = "9pfs-directory-traversal-CVE-2016-7116.patch";
|
||||||
|
sha256 = "06pr070qj19w5mjxr36bcqxmgpiczncigqsbwfc8ncjhm1h7dmry";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
configureFlags =
|
configureFlags =
|
||||||
[ "--smbd=smbd" # use `smbd' from $PATH
|
[ "--smbd=smbd" # use `smbd' from $PATH
|
||||||
|
|
Loading…
Reference in a new issue