p7zip: fix two CVEs
This commit is contained in:
parent
9d11b73c33
commit
dd16c3944c
1 changed files with 9 additions and 1 deletions
|
@ -1,4 +1,4 @@
|
|||
{ stdenv, fetchurl, lib, enableUnfree ? false }:
|
||||
{ stdenv, fetchurl, fetchpatch, lib, enableUnfree ? false }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "p7zip";
|
||||
|
@ -12,6 +12,14 @@ stdenv.mkDerivation rec {
|
|||
patches = [
|
||||
./12-CVE-2016-9296.patch
|
||||
./13-CVE-2017-17969.patch
|
||||
(fetchpatch {
|
||||
url = "https://raw.githubusercontent.com/termux/termux-packages/master/packages/p7zip/3-CVE-2018-5996.patch";
|
||||
sha256 = "1zivvkazmza0653i498ccp3zbpbpc7dvxl3zxwllbx41b6n589yp";
|
||||
})
|
||||
(fetchpatch {
|
||||
url = "https://raw.githubusercontent.com/termux/termux-packages/master/packages/p7zip/4-CVE-2018-10115.patch";
|
||||
sha256 = "1cr7q8gnrk9yp6dcvxaqi1yhdbgp964nkv65ls41mw1kdfm44zn6";
|
||||
})
|
||||
];
|
||||
|
||||
# Default makefile is full of impurities on Darwin. The patch doesn't hurt Linux so I'm leaving it unconditional
|
||||
|
|
Loading…
Reference in a new issue