From 2fd674897299b1700b9be7cbe7445447b411029e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Janne=20He=C3=9F?= <janne@hess.ooo>
Date: Wed, 11 Aug 2021 20:02:34 +0200
Subject: [PATCH] libspf2: Fix CVE-2021-20314

There is no new release yet (see mailing list post on oss-security), so
I'm picking the commit that fixes the CVE.

There is another security flaw (without a CVE number) that is also
mentioned in the oss-security announcement but it is not explained which
commit patches the problem.

(cherry picked from commit 46b7a5be1ced0280951d1a5736b0316de92a53f2)
---
 pkgs/development/libraries/libspf2/default.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pkgs/development/libraries/libspf2/default.nix b/pkgs/development/libraries/libspf2/default.nix
index 6a9cb8b647c..dc46e356e2c 100644
--- a/pkgs/development/libraries/libspf2/default.nix
+++ b/pkgs/development/libraries/libspf2/default.nix
@@ -17,6 +17,11 @@ stdenv.mkDerivation rec {
       url = "https://github.com/shevek/libspf2/commit/5852828582f556e73751076ad092f72acf7fc8b6.patch";
       sha256 = "1v6ashqzpr0xidxq0vpkjd8wd66cj8df01kyzj678ljzcrax35hk";
     })
+    (fetchurl {
+      name = "0002-CVE-2021-20314.patch";
+      url = "https://github.com/shevek/libspf2/commit/c37b7c13c30e225183899364b9f2efdfa85552ef.patch";
+      sha256 = "190nnh7mlz6328829ba6jajad16s3md8kraspn81qnvhwh0nkiak";
+    })
   ];
 
   postPatch = ''