public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

bazaar: Fix CVE-2017-14176

This commit is contained in:
adisbladis 2018-04-20 02:07:16 +08:00
parent c826e15a98
commit 19bc90f911
No known key found for this signature in database
GPG Key ID: ED58F95069B004F5
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
pkgs/applications/version-management/bazaar/default.nix
View File

@ -1,4 +1,5 @@
{ stdenv, fetchurl, python2Packages { stdenv, fetchurl, python2Packages
, fetchpatch
, withSFTP ? true , withSFTP ? true
}: }:
@ -17,8 +18,15 @@ python2Packages.buildPythonApplication rec {
propagatedBuildInputs = [] propagatedBuildInputs = []
++ stdenv.lib.optionals withSFTP [ python2Packages.paramiko ]; ++ stdenv.lib.optionals withSFTP [ python2Packages.paramiko ];
patches = [
# Bazaar can't find the certificates alone # Bazaar can't find the certificates alone
patches = [ ./add_certificates.patch ]; ./add_certificates.patch
(fetchpatch {
url = "https://bazaar.launchpad.net/~brz/brz/trunk/revision/6754";
sha256 = "0mdqa9w1p6cmli6976v4wi0sw9r4p5prkj7lzfd1877wk11c9c73";
name = "CVE-2017-14176.patch";
})
];
postPatch = '' postPatch = ''
substituteInPlace bzrlib/transport/http/_urllib2_wrappers.py \ substituteInPlace bzrlib/transport/http/_urllib2_wrappers.py \
--subst-var-by certPath /etc/ssl/certs/ca-certificates.crt --subst-var-by certPath /etc/ssl/certs/ca-certificates.crt