treewide: add CVE identifiers to patches

This allows tools like broken.sh to correctly identify the patched status.
2020-05-06 23:18:09 +02:00
parent f46cbbc540
commit e24f5eab66
12 changed files with 32 additions and 21 deletions
--- a/pkgs/tools/misc/mcrypt/default.nix
+++ b/pkgs/tools/misc/mcrypt/default.nix
@@ -9,7 +9,12 @@ stdenv.mkDerivation rec {
    sha256 = "5145aa844e54cca89ddab6fb7dd9e5952811d8d787c4f4bf27eb261e6c182098";
  };

-  patches = [ ./format-string.patch ./overflow.patch ./segv.patch ./sprintf.patch ];
+  patches = [
+    ./format-string_CVE-2012-4426.patch
+    ./overflow_CVE-2012-4409.patch
+    ./segv.patch
+    ./sprintf_CVE-2012-4527.patch
+  ];

  buildInputs = [ libmcrypt libmhash ];

--- a/pkgs/tools/misc/mcrypt/format-string_CVE-2012-4426.patch
+++ b/pkgs/tools/misc/mcrypt/format-string_CVE-2012-4426.patch
--- a/pkgs/tools/misc/mcrypt/overflow_CVE-2012-4409.patch
+++ b/pkgs/tools/misc/mcrypt/overflow_CVE-2012-4409.patch
--- a/pkgs/tools/misc/mcrypt/sprintf_CVE-2012-4527.patch
+++ b/pkgs/tools/misc/mcrypt/sprintf_CVE-2012-4527.patch