From d5adf2cc0bd4d1d436dd81f33a8503a6db8e1762 Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Wed, 28 Sep 2016 03:39:11 +0200 Subject: [PATCH] dhcp: 4.3.3 -> 4.3.4 Uses shipped version of libbind now. Fix CVE-2016-2774 & CVE-2015-8605. cc #18856 --- pkgs/tools/networking/dhcp/default.nix | 22 +++++----------------- 1 file changed, 5 insertions(+), 17 deletions(-) diff --git a/pkgs/tools/networking/dhcp/default.nix b/pkgs/tools/networking/dhcp/default.nix index c3cdaffcc27f..e7a593ff830c 100644 --- a/pkgs/tools/networking/dhcp/default.nix +++ b/pkgs/tools/networking/dhcp/default.nix @@ -1,14 +1,14 @@ { stdenv, fetchurl, perl, file, nettools, iputils, iproute, makeWrapper -, coreutils, gnused, bind, openldap ? null +, coreutils, gnused, openldap ? null }: stdenv.mkDerivation rec { name = "dhcp-${version}"; - version = "4.3.3"; - + version = "4.3.4"; + src = fetchurl { url = "http://ftp.isc.org/isc/dhcp/${version}/${name}.tar.gz"; - sha256 = "1pjy4lylx7dww1fp2mk5ikya5vxaf97z70279j81n74vn12ljg2m"; + sha256 = "0zk0imll6bfyp9p4ndn8h6s4ifijnw5bhixswifr5rnk7pp5l4gm"; }; patches = @@ -23,21 +23,9 @@ stdenv.mkDerivation rec { ./set-hostname.patch ]; - # Fixes "socket.c:591: error: invalid application of 'sizeof' to - # incomplete type 'struct in6_pktinfo'". See - # http://www.mail-archive.com/blfs-book@linuxfromscratch.org/msg13013.html - # - # Also adds the ability to run dhcpd as a non-root user / group - NIX_CFLAGS_COMPILE = "-D_GNU_SOURCE -DPARANOIA"; - - # It would automatically add -Werror, which disables build in gcc 4.4 - # due to an uninitialized variable. - CFLAGS = "-g -O2 -Wall"; - - buildInputs = [ perl makeWrapper openldap bind ]; + buildInputs = [ perl makeWrapper openldap ]; configureFlags = [ - "--with-libbind=${bind.dev}" "--enable-failover" "--enable-execute" "--enable-tracing"