public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lasso: Fix signature verification in AuthnResponse messages 

Fixes: CVE-2021-28091
This commit is contained in:
Martin Weinelt 2021-06-02 16:49:11 +02:00
parent 5285a51c2e
commit bdf95a994e
No known key found for this signature in database
GPG Key ID: 87C1E9888F856759
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
pkgs/development/libraries/lasso/default.nix
View File

@ -1,4 +1,4 @@
{ lib, stdenv, autoconf, automake, autoreconfHook, fetchurl, glib, gobject-introspection, gtk-doc, libtool, libxml2, libxslt, openssl, pkg-config, python27Packages, xmlsec, zlib }:
{ lib, stdenv, autoconf, automake, autoreconfHook, fetchurl, fetchpatch, glib, gobject-introspection, gtk-doc, libtool, libxml2, libxslt, openssl, pkg-config, python27Packages, xmlsec, zlib }:
stdenv.mkDerivation rec {
@ -11,6 +11,14 @@ stdenv.mkDerivation rec {
};
patches = [
(fetchpatch {
name = "CVE-2021-28091.patch";
url = "https://git.entrouvert.org/lasso.git/patch/?id=ea7e5efe9741e1b1787a58af16cb15b40c23be5a";
sha256 = "0070x01pir30hsb21mp69pf9pxingadl3y4w0afw07a5c57drhn4";
})
];
nativeBuildInputs = [ autoreconfHook pkg-config ];
buildInputs = [ autoconf automake glib gobject-introspection gtk-doc libtool libxml2 libxslt openssl python27Packages.six xmlsec zlib ];