diff --git a/pkgs/tools/networking/keepalived/default.nix b/pkgs/tools/networking/keepalived/default.nix index 2d6d9ad3de2..4e1894db98c 100644 --- a/pkgs/tools/networking/keepalived/default.nix +++ b/pkgs/tools/networking/keepalived/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, libnfnetlink, libnl, net_snmp, openssl, pkgconfig }: +{ stdenv, fetchFromGitHub, fetchpatch, libnfnetlink, libnl, net_snmp, openssl, pkgconfig }: stdenv.mkDerivation rec { pname = "keepalived"; @@ -11,6 +11,14 @@ stdenv.mkDerivation rec { sha256 = "12r80rcfxrys826flaqcdlfhcr7q4ccsd62ra1svy9545vf02qmx"; }; + patches = [ + (fetchpatch { + name = "CVE-2018-19115.patch"; + url = "https://github.com/acassen/keepalived/pull/961/commits/f28015671a4b04785859d1b4b1327b367b6a10e9.patch"; + sha256 = "1jnwk7x4qdgv7fb4jzw6sihv62n8wv04myhgwm2vxn8nfkcgd1mm"; + }) + ]; + buildInputs = [ libnfnetlink libnl