polkit: add patch for CVE-2018-19788

unprivileged users with UID > INT_MAX can successfully execute any systemctl command
Original issue: https://gitlab.freedesktop.org/polkit/polkit/issues/74
This commit is contained in:
c0bw3b 2018-12-07 19:35:43 +01:00
parent 747aa4cc93
commit a14af16cfc

View File

@ -20,6 +20,14 @@ stdenv.mkDerivation rec {
sha256 = "0c91y61y4gy6p91cwbzg32dhavw4b7fflg370rimqhdxpzdfr1rg";
};
patches = [
# CVE-2018-19788 - high UID fixup
(fetchpatch {
url = "https://gitlab.freedesktop.org/polkit/polkit/commit/5230646dc6876ef6e27f57926b1bad348f636147.patch";
name = "CVE-2018-19788.patch";
sha256 = "1y3az4mlxx8k1zcss5qm7k102s7k1kqgcfnf11j9678fh7p008vp";
})
];
postPatch = stdenv.lib.optionalString stdenv.isDarwin ''
sed -i -e "s/-Wl,--as-needed//" configure.ac