From 8c3a97fa7e18046c2847ac75b95a88bc18683f8f Mon Sep 17 00:00:00 2001
From: Robert Scott <code@humanleg.org.uk>
Date: Wed, 18 Dec 2019 22:00:49 +0000
Subject: [PATCH 1/2] qemu: 4.1.0 -> 4.2.0

---
 pkgs/applications/virtualization/qemu/default.nix     |  4 ++--
 .../virtualization/qemu/no-etc-install.patch          | 11 +++++------
 2 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/pkgs/applications/virtualization/qemu/default.nix b/pkgs/applications/virtualization/qemu/default.nix
index f90873c6e33..b6dea611868 100644
--- a/pkgs/applications/virtualization/qemu/default.nix
+++ b/pkgs/applications/virtualization/qemu/default.nix
@@ -35,7 +35,7 @@ let
 in
 
 stdenv.mkDerivation rec {
-  version = "4.1.0";
+  version = "4.2.0";
   pname = "qemu"
     + stdenv.lib.optionalString xenSupport "-xen"
     + stdenv.lib.optionalString hostCpuOnly "-host-cpu-only"
@@ -43,7 +43,7 @@ stdenv.mkDerivation rec {
 
   src = fetchurl {
     url = "https://wiki.qemu.org/download/qemu-${version}.tar.bz2";
-    sha256 = "1bpl6hwiw1jdxk4xmqp10qgki0dji0l2rzr10dyhyk8d85vxxw29";
+    sha256 = "1gczv8hn3wqci86css3mhzrppp3z8vppxw25l08j589k6bvz7x1w";
   };
 
   nativeBuildInputs = [ python python.pkgs.sphinx pkgconfig flex bison ];
diff --git a/pkgs/applications/virtualization/qemu/no-etc-install.patch b/pkgs/applications/virtualization/qemu/no-etc-install.patch
index 57e190f5ae7..5bab930d06a 100644
--- a/pkgs/applications/virtualization/qemu/no-etc-install.patch
+++ b/pkgs/applications/virtualization/qemu/no-etc-install.patch
@@ -1,13 +1,12 @@
 diff --git a/Makefile b/Makefile
-index 85862fb8..ed52c5ec 100644
 --- a/Makefile
 +++ b/Makefile
-@@ -841,7 +841,7 @@ endif
+@@ -867,7 +867,7 @@ install-includedir:
+ 	$(INSTALL_DIR) "$(DESTDIR)$(includedir)"
  
- ICON_SIZES=16x16 24x24 32x32 48x48 64x64 128x128 256x256 512x512
- 
--install: all $(if $(BUILD_DOCS),install-doc) install-datadir install-localstatedir \
-+install: all $(if $(BUILD_DOCS),install-doc) install-datadir \
+ install: all $(if $(BUILD_DOCS),install-doc) \
+-	install-datadir install-localstatedir install-includedir \
++	install-datadir install-includedir \
  	$(if $(INSTALL_BLOBS),$(edk2-decompressed)) \
  	recurse-install
  ifneq ($(TOOLS),)

From f5c0d150e7d3d4b6d6b37ebb70618eb9d8137996 Mon Sep 17 00:00:00 2001
From: Robert Scott <code@humanleg.org.uk>
Date: Thu, 19 Dec 2019 00:51:04 +0000
Subject: [PATCH 2/2] qemu: add patch for CVE-2019-15890

---
 pkgs/applications/virtualization/qemu/default.nix | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/pkgs/applications/virtualization/qemu/default.nix b/pkgs/applications/virtualization/qemu/default.nix
index b6dea611868..67aa36b7827 100644
--- a/pkgs/applications/virtualization/qemu/default.nix
+++ b/pkgs/applications/virtualization/qemu/default.nix
@@ -77,6 +77,13 @@ stdenv.mkDerivation rec {
     ./no-etc-install.patch
     ./fix-qemu-ga.patch
     ./9p-ignore-noatime.patch
+    (fetchpatch {
+      name = "CVE-2019-15890.patch";
+      url = "https://git.qemu.org/?p=libslirp.git;a=patch;h=c59279437eda91841b9d26079c70b8a540d41204";
+      sha256 = "1q2rc67mfdz034mk81z9bw105x9zad7n954sy3kq068b1svrf7iy";
+      stripLen = 1;
+      extraPrefix = "slirp/";
+    })
   ] ++ optional nixosTestRunner ./force-uid0-on-9p.patch
     ++ optionals stdenv.hostPlatform.isMusl [
     (fetchpatch {