From 7030245979c15c5dbd979a0472b1f11a53a5b32f Mon Sep 17 00:00:00 2001 From: matthewcroughan Date: Sat, 7 Aug 2021 23:40:36 +0100 Subject: [PATCH] lynx: add patch for CVE-2021-38165 Co-authored-by: nixinator <33lockdown33@protonmail.com> Co-authored-by: John Bargman Co-authored-by: Martin Weinelt (cherry picked from commit ddce0ec126f1c92504761bd8ece98548a40aa44f) --- pkgs/applications/networking/browsers/lynx/default.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/pkgs/applications/networking/browsers/lynx/default.nix b/pkgs/applications/networking/browsers/lynx/default.nix index 713f934f778..40feaebd72c 100644 --- a/pkgs/applications/networking/browsers/lynx/default.nix +++ b/pkgs/applications/networking/browsers/lynx/default.nix @@ -2,6 +2,7 @@ , fetchurl, pkg-config, ncurses, gzip , sslSupport ? true, openssl ? null , nukeReferences +, fetchpatch }: assert sslSupport -> openssl != null; @@ -22,6 +23,14 @@ stdenv.mkDerivation rec { hardeningEnable = [ "pie" ]; + patches = [ + (fetchpatch { + name = "CVE-2021-38165.patch"; + url = "https://git.alpinelinux.org/aports/plain/main/lynx/CVE-2021-38165.patch?id=3400945dbbb8a87065360963e4caa0e17d3dcc61"; + sha256 = "1aykb9y2g2vdpbbpvjlm4r40x7py2yv6jbywwcqcxrlciqcw4x57"; + }) + ]; + configureFlags = [ "--enable-default-colors" "--enable-widec"