Merge pull request #259881 from MikaelFangel/patch-freeswitch

freeswitch: patch CVE-2023-5217 and CVE-2023-44488
This commit is contained in:
Thomas Gerbet 2023-10-10 12:34:47 +02:00 committed by GitHub
commit 147d12908d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -1,12 +1,28 @@
{ fetchFromGitHub, stdenv, lib, pkg-config, autoreconfHook
, ncurses, gnutls, readline
, openssl, perl, sqlite, libjpeg, speex, pcre, libuuid
, ldns, libedit, yasm, which, libsndfile, libtiff, libxcrypt
{ fetchFromGitHub
, fetchpatch
, stdenv
, lib
, pkg-config
, autoreconfHook
, ncurses
, gnutls
, readline
, openssl
, perl
, sqlite
, libjpeg
, speex
, pcre
, libuuid
, ldns
, libedit
, yasm
, which
, libsndfile
, libtiff
, libxcrypt
, callPackage
, SystemConfiguration
, modules ? null
, nixosTests
}:
@ -110,6 +126,20 @@ stdenv.mkDerivation rec {
done
'';
## TODO Validate with the next upstream release
patches = [
(fetchpatch {
name = "CVE-2023-44488.patch";
url = "https://github.com/signalwire/freeswitch/commit/f1fb05214e4f427dcf922f531431ab649cf0622b.patch";
hash = "sha256-6GMebE6O2EBx60NE2LSRVljaiLm9T4zTrkIpwGvaB08=";
})
(fetchpatch {
name = "CVE-2023-5217.patch";
url = "https://github.com/signalwire/freeswitch/commit/6f9e72c585265d8def8a613b36cd4f524c201980.patch";
hash = "sha256-l64mBpyq/TzRM78n73kbuD0UNsk5zIH5QNJlMKdPfr4=";
})
];
strictDeps = true;
nativeBuildInputs = [ pkg-config autoreconfHook perl which yasm ];
buildInputs = [