quictls: 3.0.5+quick_unstable-2022-07.05 -> 3.0.7+quic1

Fixes CVE-2022-3786 and CVE-2022-3602.
See eeca5969b3 and 70ca403dc2.
Thomas Gerbet 2022-11-02 17:17:03 +01:00
parent 4b05cc6f66
commit bbae16baa9


@ -12,13 +12,13 @@
stdenv.mkDerivation rec {
pname = "quictls";
version = "3.0.5+quick_unstable-2022-07.05";
version = "3.0.7+quic1";
src = fetchFromGitHub {
owner = "quictls";
repo = "openssl";
rev = "75e940831d0570d6b020cfebf128ae500f424867";
sha256 = "sha256-1HBGKafcCbM0RZWLvyl3vpSfGBsAcGDgjz1Nm/qclWM=";
rev = "openssl-${version}";
sha256 = "sha256-ZRS0ZV+/U4PD2lVE+PsUAWSuk5EFg5mOKYlwgY3Ecus=";
};
patches = [
@ -108,6 +108,9 @@ stdenv.mkDerivation rec {
"-DUSE_CRYPTODEV_DIGESTS"
] ++ lib.optional enableSSL2 "enable-ssl2"
++ lib.optional enableSSL3 "enable-ssl3"
# We select KTLS here instead of the configure-time detection (which we patch out).
# KTLS should work on FreeBSD 13+ as well, so we could enable it if someone tests it.
++ lib.optional (stdenv.isLinux && lib.versionAtLeast version "3.0.0") "enable-ktls"
++ lib.optional stdenv.hostPlatform.isAarch64 "no-afalgeng"
# OpenSSL needs a specific `no-shared` configure flag.
# See https://wiki.openssl.org/index.php/Compilation_and_Installation#Configure_Options