From fe9373460c08c83449657b22c026c806bec92d21 Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Thu, 5 Jan 2017 06:40:43 +0100 Subject: [PATCH] pythonPackages.pycrypto: add patch to fix CVE-2013-7459 cc #21642 --- pkgs/development/python-modules/pycrypto/default.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/pycrypto/default.nix b/pkgs/development/python-modules/pycrypto/default.nix index 0cbe4491d67..182a8c6f7fa 100644 --- a/pkgs/development/python-modules/pycrypto/default.nix +++ b/pkgs/development/python-modules/pycrypto/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchurl, python, buildPythonPackage, gmp }: +{ stdenv, fetchurl, fetchpatch, python, buildPythonPackage, gmp }: buildPythonPackage rec { name = "pycrypto-2.6.1"; @@ -9,6 +9,14 @@ buildPythonPackage rec { sha256 = "0g0ayql5b9mkjam8hym6zyg6bv77lbh66rv1fyvgqb17kfc1xkpj"; }; + patches = [ + (fetchpatch { + name = "CVE-2013-7459.patch"; + url = "https://anonscm.debian.org/cgit/collab-maint/python-crypto.git/plain/debian/patches/CVE-2013-7459.patch?h=debian/2.6.1-7"; + sha256 = "01r7aghnchc1bpxgdv58qyi2085gh34bxini973xhy3ks7fq3ir9"; + }) + ]; + preConfigure = '' sed -i 's,/usr/include,/no-such-dir,' configure sed -i "s!,'/usr/include/'!!" setup.py