public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

pythonPackages.pysaml2: patch against external XML entities (CVE-2016-10127)

Browse Source
This commit is contained in:
Graham Christensen 2017-01-19 21:44:22 -05:00
parent b81d07e6e6
commit cda11c958e
No known key found for this signature in database
GPG Key ID: 06121D366FE9435C
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pkgs/top-level/python-packages.nix
View File

@ -19540,9 +19540,18 @@ in {
sha256 = "0y2iw1dddcvi13xjh3l52z1mvnrbc41ik9k4nn7lwj8x5kimnk9n"; sha256 = "0y2iw1dddcvi13xjh3l52z1mvnrbc41ik9k4nn7lwj8x5kimnk9n";
}; };
patches = [
(pkgs.fetchpatch {
name = "CVE-2016-10127.patch";
url = "https://sources.debian.net/data/main/p/python-pysaml2/3.0.0-5/debian/patches/fix-xxe-in-xml-parsing.patch";
sha256 = "184lkwdayjqiahzsn4yp15parqpmphjsb1z7zwd636jvarxqgs2q";
})
];
propagatedBuildInputs = with self; [ propagatedBuildInputs = with self; [
repoze_who paste cryptography pycrypto pyopenssl ipaddress six cffi idna repoze_who paste cryptography pycrypto pyopenssl ipaddress six cffi idna
enum34 pytz setuptools zope_interface dateutil requests2 pyasn1 webob decorator pycparser enum34 pytz setuptools zope_interface dateutil requests2 pyasn1 webob decorator pycparser
defusedxml
]; ];
buildInputs = with self; [ buildInputs = with self; [
Mako pytest memcached pymongo mongodict pkgs.xmlsec Mako pytest memcached pymongo mongodict pkgs.xmlsec