treewide: add CVE identifiers to patches

This allows tools like broken.sh to correctly identify the patched status.
2020-05-06 23:18:09 +02:00
parent f46cbbc540
commit e24f5eab66
12 changed files with 32 additions and 21 deletions
--- a/pkgs/tools/security/super/default.nix
+++ b/pkgs/tools/security/super/default.nix
@@ -17,9 +17,11 @@ stdenv.mkDerivation rec {
  '';

  patches = [
-   (fetchpatch { url = "https://salsa.debian.org/debian/super/raw/debian/3.30.0-7/debian/patches/14-Fix-unchecked-setuid-call.patch";
-                 sha256 = "08m9hw4kyfjv0kqns1cqha4v5hkgp4s4z0q1rgif1fnk14xh7wqh";
-               })
+    (fetchpatch {
+      name = "CVE-2014-0470.patch";
+      url = "https://salsa.debian.org/debian/super/raw/debian/3.30.0-7/debian/patches/14-Fix-unchecked-setuid-call.patch";
+      sha256 = "08m9hw4kyfjv0kqns1cqha4v5hkgp4s4z0q1rgif1fnk14xh7wqh";
+    })
  ];

  NIX_CFLAGS_COMPILE = "-D_GNU_SOURCE";