public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

rsync: fix CVE-2017-16548

This commit is contained in:
Andreas Rammhold 2017-12-09 13:09:28 +01:00
parent 0a41fc6b7c
commit 3d2df41a8f
No known key found for this signature in database
GPG Key ID: E432E410B5E48C86
3 changed files with 17 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
pkgs/applications/networking/sync/rsync/base.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchurl }: { stdenv, fetchurl, fetchpatch }:
rec { rec {
version = "3.1.2"; version = "3.1.2";
@ -7,11 +7,18 @@ rec {
url = "mirror://samba/rsync/src/rsync-${version}.tar.gz"; url = "mirror://samba/rsync/src/rsync-${version}.tar.gz";
sha256 = "1hm1q04hz15509f0p9bflw4d6jzfvpm1d36dxjwihk1wzakn5ypc"; sha256 = "1hm1q04hz15509f0p9bflw4d6jzfvpm1d36dxjwihk1wzakn5ypc";
}; };
patches = fetchurl { patches = [
(fetchurl {
# signed with key 0048 C8B0 26D4 C96F 0E58 9C2F 6C85 9FB1 4B96 A8C5 # signed with key 0048 C8B0 26D4 C96F 0E58 9C2F 6C85 9FB1 4B96 A8C5
url = "mirror://samba/rsync/rsync-patches-${version}.tar.gz"; url = "mirror://samba/rsync/rsync-patches-${version}.tar.gz";
sha256 = "09i3dcl37p22dp75vlnsvx7bm05ggafnrf1zwhf2kbij4ngvxvpd"; sha256 = "09i3dcl37p22dp75vlnsvx7bm05ggafnrf1zwhf2kbij4ngvxvpd";
}; })
(fetchpatch {
name = "CVE-2017-16548.patch";
url = "https://git.samba.org/rsync.git/?p=rsync.git;a=commitdiff_plain;h=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1;hp=bc112b0e7feece62ce98708092306639a8a53cce";
sha256 = "1dcdnfhbc5gd0ph7pds0xr2v8rpb2a4p7l9c1wml96nhnyww1pg1";
})
];
meta = with stdenv.lib; { meta = with stdenv.lib; {
homepage = http://rsync.samba.org/; homepage = http://rsync.samba.org/;

4
pkgs/applications/networking/sync/rsync/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchurl, perl, libiconv, zlib, popt { stdenv, fetchurl, fetchpatch, perl, libiconv, zlib, popt
, enableACLs ? true, acl ? null , enableACLs ? true, acl ? null
, enableCopyDevicesPatch ? false , enableCopyDevicesPatch ? false
}: }:
@ -6,7 +6,7 @@
assert enableACLs -> acl != null; assert enableACLs -> acl != null;
let let
base = import ./base.nix { inherit stdenv fetchurl; }; base = import ./base.nix { inherit stdenv fetchurl fetchpatch; };
in in
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "rsync-${base.version}"; name = "rsync-${base.version}";

4
pkgs/applications/networking/sync/rsync/rrsync.nix
View File

@ -1,7 +1,7 @@
{ stdenv, fetchurl, perl, rsync }: { stdenv, fetchurl, fetchpatch, perl, rsync }:
let let
base = import ./base.nix { inherit stdenv fetchurl; }; base = import ./base.nix { inherit stdenv fetchurl fetchpatch; };
in in
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "rrsync-${base.version}"; name = "rrsync-${base.version}";