mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-22 21:50:55 +00:00
Merge pull request #79050 from andrew-d/andrew/qemu-CVEs
qemu: add patches for CVE-2020-7039 and CVE-2020-7211
This commit is contained in:
commit
edfd964253
|
@ -84,6 +84,37 @@ stdenv.mkDerivation rec {
|
|||
stripLen = 1;
|
||||
extraPrefix = "slirp/";
|
||||
})
|
||||
# patches listed at: https://nvd.nist.gov/vuln/detail/CVE-2020-7039
|
||||
(fetchpatch {
|
||||
name = "CVE-2020-7039-1.patch";
|
||||
url = "https://git.qemu.org/?p=libslirp.git;a=patch;h=2655fffed7a9e765bcb4701dd876e9dab975f289";
|
||||
sha256 = "1jh0k3lg3553c2x1kq1kl3967jabhba5gm584wjpmr5mjqk3lnz1";
|
||||
stripLen = 1;
|
||||
extraPrefix = "slirp/";
|
||||
excludes = ["slirp/CHANGELOG.md"];
|
||||
})
|
||||
(fetchpatch {
|
||||
name = "CVE-2020-7039-2.patch";
|
||||
url = "https://git.qemu.org/?p=libslirp.git;a=patch;h=82ebe9c370a0e2970fb5695aa19aa5214a6a1c80";
|
||||
sha256 = "08ccxcmrhzknnzd1a1q2brszv3a7h02n26r73kpli10b0hn12r2l";
|
||||
stripLen = 1;
|
||||
extraPrefix = "slirp/";
|
||||
})
|
||||
(fetchpatch {
|
||||
name = "CVE-2020-7039-3.patch";
|
||||
url = "https://git.qemu.org/?p=libslirp.git;a=patch;h=ce131029d6d4a405cb7d3ac6716d03e58fb4a5d9";
|
||||
sha256 = "18ypj9an2jmsmdn58853rbz42r10587h7cz5fdws2x4635778ibd";
|
||||
stripLen = 1;
|
||||
extraPrefix = "slirp/";
|
||||
})
|
||||
# patches listed at: https://nvd.nist.gov/vuln/detail/CVE-2020-7211
|
||||
(fetchpatch {
|
||||
name = "CVE-2020-7211.patch";
|
||||
url = "https://git.qemu.org/?p=libslirp.git;a=patch;h=14ec36e107a8c9af7d0a80c3571fe39b291ff1d4";
|
||||
sha256 = "1lc8zabqs580iqrsr5k7zwgkx6qjmja7apwfbc36lkvnrxwfzmrc";
|
||||
stripLen = 1;
|
||||
extraPrefix = "slirp/";
|
||||
})
|
||||
] ++ optional nixosTestRunner ./force-uid0-on-9p.patch
|
||||
++ optionals stdenv.hostPlatform.isMusl [
|
||||
(fetchpatch {
|
||||
|
|
Loading…
Reference in a new issue