From 41b43b201e23f5f1f2ac943d04b896de7ab860a9 Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Thu, 28 Sep 2017 13:53:18 +0200 Subject: [PATCH] oniguruma: 5.9.5 -> 6.6.1 for multiple CVEs Fixes CVE-2017-9224, CVE-2017-9225, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229. --- .../development/libraries/oniguruma/default.nix | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/pkgs/development/libraries/oniguruma/default.nix b/pkgs/development/libraries/oniguruma/default.nix index 62b0080fce0..eccfccbaf04 100644 --- a/pkgs/development/libraries/oniguruma/default.nix +++ b/pkgs/development/libraries/oniguruma/default.nix @@ -1,15 +1,20 @@ -{ stdenv, fetchurl }: +{ stdenv, fetchFromGitHub, cmake }: stdenv.mkDerivation rec { - name = "onig-5.9.5"; + name = "onig-${version}"; + version = "6.6.1"; - src = fetchurl { - url = http://www.geocities.jp/kosako3/oniguruma/archive/onig-5.9.5.tar.gz; - sha256 = "12j3fsdb8hbhnj29hysal9l7i7s71l0ln3lx8hjpxx5535wawjcz"; + src = fetchFromGitHub { + owner = "kkos"; + repo = "oniguruma"; + rev = "v${version}"; + sha256 = "062g5443dyxsraq346panfqvbd6wal6nmb336n4dw1rszx576sxz"; }; + nativeBuildInputs = [ cmake ]; + meta = { - homepage = http://www.geocities.jp/kosako3/oniguruma/; + homepage = https://github.com/kkos/oniguruma; description = "Regular expressions library"; license = stdenv.lib.licenses.bsd2; maintainers = with stdenv.lib.maintainers; [ fuuzetsu ];