public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

cereal: add patch for CVE-2020-11105 (#121574) 

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
This commit is contained in:
Tal Walter 2021-05-22 22:21:54 +09:00 committed by GitHub
parent fdd42cb68c
commit 4509181d6c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
pkgs/development/libraries/cereal/default.nix
View File

@ -1,4 +1,4 @@
{ lib, stdenv, fetchFromGitHub, cmake }:
{ lib, stdenv, fetchFromGitHub, fetchpatch, cmake }:
stdenv.mkDerivation rec {
pname = "cereal";
version = "1.3.0";
@ -12,7 +12,19 @@ stdenv.mkDerivation rec {
sha256 = "0hc8wh9dwpc1w1zf5lfss4vg5hmgpblqxbrpp1rggicpx9ar831p";
};
cmakeFlagsArray = [ "-DJUST_INSTALL_CEREAL=yes" ];
patches = [
# https://nvd.nist.gov/vuln/detail/CVE-2020-11105
# serialized std::shared_ptr variables cannot always be expected to
# serialize back into their original values. This can have any number of
# consequences, depending on the context within which this manifests.
(fetchpatch {
name = "CVE-2020-11105.patch";
url = "https://github.com/USCiLab/cereal/commit/f27c12d491955c94583512603bf32c4568f20929.patch";
sha256 = "CIkbJ7bAN0MXBhTXQdoQKXUmY60/wQvsdn99FaWt31w=";
})
];
cmakeFlags = [ "-DJUST_INSTALL_CEREAL=yes" ];
meta = with lib; {
description = "A header-only C++11 serialization library";