Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: d1b07d4cc427
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 16ee69c8720b
Choose a head ref
  • 1 commit
  • 1 file changed
  • 1 contributor

Commits on Nov 24, 2020

  1. sddm: add patch for CVE-2020-28049 

    > Local privilege escalation due to race condition in creation of the Xauthority file.

Fixes: CVE-2020-28049
(cherry picked from commit faf436e)
    @mweinelt
    mweinelt committed Nov 24, 2020
    Copy the full SHA
    16ee69c View commit details
Showing with 6 additions and 1 deletion.
  1. +6 −1 pkgs/applications/display-managers/sddm/default.nix
7 changes: 6 additions & 1 deletion pkgs/applications/display-managers/sddm/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{ mkDerivation, lib, fetchFromGitHub
{ mkDerivation, lib, fetchFromGitHub, fetchpatch
, cmake, extra-cmake-modules, pkgconfig, libxcb, libpthreadstubs
, libXdmcp, libXau, qtbase, qtdeclarative, qtquickcontrols2, qttools, pam, systemd
}:
@@ -19,6 +19,11 @@ in mkDerivation {

patches = [
./sddm-ignore-config-mtime.patch
(fetchpatch {
name = "CVE-2020-28049.patch";
url = "https://github.com/sddm/sddm/commit/be202f533ab98a684c6a007e8d5b4357846bc222.patch";
sha256 = "119zqfldaqs4066wifn64n1xmhv1qd2acd9hcshw9hyl2j84pz8h";
})
];

postPatch =