public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lz4: patch CVE-2021-3520 and null pointer dereference 

(cherry picked from commit 2acd087dca93a3b589721b3ec32d13d9150684bb)
This commit is contained in:
TredwellGit 2021-05-30 02:08:18 +00:00 committed by github-actions[bot]
parent 1b1608a7b8
commit 35b4a78d9a
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
pkgs/tools/compression/lz4/default.nix
View File

@ -14,6 +14,19 @@ stdenv.mkDerivation rec {
owner = pname; owner = pname;
}; };
patches = [
(fetchpatch { # https://github.com/lz4/lz4/pull/972
name = "CVE-2021-3520.patch";
url = "https://github.com/lz4/lz4/commit/8301a21773ef61656225e264f4f06ae14462bca7.patch";
sha256 = "0r1cwpqdkdc8im0pf2r5jp7mwwn69xcw405rrk7rc0mpjcp5ydfk";
})
(fetchpatch { # https://github.com/lz4/lz4/pull/973
name = "avoid-null-pointer-dereference.patch";
url = "https://github.com/lz4/lz4/commit/29a6a1f4941e7243241fe00d6c13b749fd6b60c2.patch";
sha256 = "0v5yl5hd3qrfm3xm7m06j4b21qwllb4cqkjn2az7x1vnzqgpf8y7";
})
];
# TODO(@Ericson2314): Separate binaries and libraries # TODO(@Ericson2314): Separate binaries and libraries
outputs = [ "bin" "out" "dev" ]; outputs = [ "bin" "out" "dev" ];