From 9ac6297b79b5004283a939ebdc451e8a8749af24 Mon Sep 17 00:00:00 2001
From: Franz Pletz <fpletz@fnordicwalking.de>
Date: Thu, 26 Jan 2017 00:40:17 +0100
Subject: [PATCH] ppp: add patch to fix CVE-2015-3310

---
 pkgs/tools/networking/ppp/default.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pkgs/tools/networking/ppp/default.nix b/pkgs/tools/networking/ppp/default.nix
index bc6b2b0e5de..90a4b988c3f 100644
--- a/pkgs/tools/networking/ppp/default.nix
+++ b/pkgs/tools/networking/ppp/default.nix
@@ -18,6 +18,11 @@ stdenv.mkDerivation rec {
       # Without nonpriv.patch, pppd --version doesn't work when not run as
       # root.
       ./nonpriv.patch
+      (fetchurl {
+        name = "CVE-2015-3310.patch";
+        url = "https://anonscm.debian.org/git/collab-maint/pkg-ppp.git/plain/debian/patches/rc_mksid-no-buffer-overflow?h=debian/2.4.7-1%2b4";
+        sha256 = "1dk00j7bg9nfgskw39fagnwv1xgsmyv0xnkd6n1v5gy0psw0lvqh";
+      })
     ];
 
   buildInputs = [ libpcap ];