public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #134072 from risicle/ris-openvswitch-CVE-2021-36980-r21.05

Browse Source 
[21.05] openvswitch: add patch for CVE-2021-36980
This commit is contained in:
Martin Weinelt 2021-08-24 19:49:01 +02:00 committed by GitHub
commit ae2717f11b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
pkgs/os-specific/linux/openvswitch/default.nix
View File

@ -1,5 +1,5 @@
{ lib, stdenv, fetchurl, makeWrapper, pkg-config, util-linux, which { lib, stdenv, fetchurl, fetchpatch, makeWrapper, pkg-config, util-linux, which
, procps, libcap_ng, openssl, python3 , perl , procps, libcap_ng, openssl, python3, perl, autoconf, automake, libtool
, kernel ? null }: , kernel ? null }:
with lib; with lib;
@ -16,9 +16,22 @@ in stdenv.mkDerivation rec {
sha256 = "sha256-ZfQg+VTiUNiV+y2yKhMuHLVgvF4rkFHoNFETSBCOWXo="; sha256 = "sha256-ZfQg+VTiUNiV+y2yKhMuHLVgvF4rkFHoNFETSBCOWXo=";
}; };
patches = [
(fetchpatch {
name = "CVE-2021-36980.patch";
url = "https://github.com/openvswitch/ovs/commit/8ce8dc34b5f73b30ce0c1869af9947013c3c6575.patch";
sha256 = "1iyaqkiwijl2djjvnnvykh95qlzgvn9hmpszrwzmhwvik5m7b6g6";
# we don't run the tests, and the binary example missing from the patch
# file upsets the build process
excludes = [ "tests/*" ];
})
];
preConfigure = "./boot.sh";
kernel = optional (_kernel != null) _kernel.dev; kernel = optional (_kernel != null) _kernel.dev;
nativeBuildInputs = [ pkg-config makeWrapper ]; nativeBuildInputs = [ pkg-config makeWrapper autoconf automake libtool ];
buildInputs = [ util-linux openssl libcap_ng pythonEnv buildInputs = [ util-linux openssl libcap_ng pythonEnv
perl procps which ]; perl procps which ];