libexosip: 4.1.0 -> 5.2.0
Fix CVE-2014-10375. sipwitch is marked as broken as it does not compile with libexosip > 5.0.0 and the upstream project appears to be stalled/abandoned.
parent
59863dc3d7
commit
fdafac8b00
2 changed files with 5 additions and 11 deletions
|
@ -1,24 +1,17 @@
|
||||||
{ lib, stdenv, fetchurl, libosip, openssl, pkg-config, fetchpatch }:
|
{ lib, stdenv, fetchurl, libosip, openssl, pkg-config }:
|
||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
pname = "libexosip2";
|
pname = "libexosip2";
|
||||||
version = "4.1.0";
|
version = "5.2.0";
|
||||||
|
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "mirror://savannah/exosip/libeXosip2-${version}.tar.gz";
|
url = "mirror://savannah/exosip/${pname}-${version}.tar.gz";
|
||||||
sha256 = "17cna8kpc8nk1si419vgr6r42k2lda0rdk50vlxrw8rzg0xp2xrw";
|
sha256 = "09bj7cm6mk8yr68y5a09a625x10ql6an3zi4pj6y1jbkhpgqibp3";
|
||||||
};
|
};
|
||||||
|
|
||||||
nativeBuildInputs = [ pkg-config ];
|
nativeBuildInputs = [ pkg-config ];
|
||||||
buildInputs = [ libosip openssl ];
|
buildInputs = [ libosip openssl ];
|
||||||
|
|
||||||
patches = [
|
|
||||||
(fetchpatch {
|
|
||||||
url = "https://sources.debian.net/data/main/libe/libexosip2/4.1.0-2.1/debian/patches/openssl110.patch";
|
|
||||||
sha256 = "01q2dax7pwh197mn18r22y38mrsky85mvs9vbkn9fpcilrdayal6";
|
|
||||||
})
|
|
||||||
];
|
|
||||||
|
|
||||||
meta = with lib; {
|
meta = with lib; {
|
||||||
license = licenses.gpl2Plus;
|
license = licenses.gpl2Plus;
|
||||||
description = "Library that hides the complexity of using the SIP protocol";
|
description = "Library that hides the complexity of using the SIP protocol";
|
||||||
|
|
|
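Review bot: The tarball name in `url` is now built from `pname`, so the switch from `libeXosip2-…` to `libexosip2-…` happens only as a side effect of interpolation, and a later rename of `pname` would silently retarget the download. The pinned `sha256` would still reject a wrong file, but writing the name out keeps the source location explicit and reviewable: `url = "mirror://savannah/exosip/libexosip2-${version}.tar.gz";`. It would also help to record next to `version` that releases below 5.0.0 are affected by CVE-2014-10375, so the package is not pinned back to fix a dependent; the `meta` block continues outside this hunk.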
@ -23,5 +23,6 @@ stdenv.mkDerivation rec {
|
||||||
license = lib.licenses.gpl3Plus;
|
license = lib.licenses.gpl3Plus;
|
||||||
maintainers = with lib.maintainers; [ ];
|
maintainers = with lib.maintainers; [ ];
|
||||||
platforms = with lib.platforms; linux;
|
platforms = with lib.platforms; linux;
|
||||||
|
broken = true; # Require libexosip2 < 5.0.0 which is vulnerable to CVE-2014-10375.
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
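Review bot: The comment on `broken = true` states the version constraint but leaves out the reason no fix is expected, and the description gives that reason as upstream appearing stalled or abandoned. Putting both in the comment tells the next maintainer not to re-enable the package by pinning an old libexosip2: `broken = true; # Requires libexosip2 < 5.0.0, which is vulnerable to CVE-2014-10375; upstream appears abandoned.` The `meta` attribute set starts outside this hunk.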