public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #136495 from risicle/ris-squashfs-CVE-2021-40153-r21.05 

[21.05] squashfsTools: add patch for CVE-2021-40153
This commit is contained in:
Maximilian Bosch 2021-09-04 19:09:55 +02:00 committed by GitHub
parent de8a6369e1 792dba27aa
commit 074ce6058c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pkgs/tools/filesystems/squashfs/default.nix
View File

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchFromGitHub
, fetchpatch
, zlib
, xz
, lz4
@ -27,6 +28,12 @@ stdenv.mkDerivation rec {
# c37bb4da4a5fa8c1cf114237ba364692dd522262, can be removed
# when upgrading to the next version after 4.4
./0001-Mksquashfs-add-no-hardlinks-option.patch
(fetchpatch {
name = "CVE-2021-40153.patch";
url = "https://github.com/plougher/squashfs-tools/commit/79b5a555058eef4e1e7ff220c344d39f8cd09646.patch";
excludes = [ "squashfs-tools/unsquashfs.c" ];
sha256 = "1sqc076a2dp8w4pfpdmak0xy4ic364ln2ayngcbp5mp3k3jl3rlr";
})
] ++ lib.optional stdenv.isDarwin ./darwin.patch;
buildInputs = [ zlib xz zstd lz4 lzo ];