Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: f4b2ae96cc81
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 680f9d7ea90d
Choose a head ref
  • 3 commits
  • 2 files changed
  • 1 contributor

Commits on Mar 20, 2019

  1. ldb: apply patch for CVE-2019-3824

    @andir
    andir committed Mar 20, 2019

    Verified

    This commit was signed with the committer’s verified signature.
    Mic92 Jörg Thalheim
    GPG key ID: CA4106B8D7CC79FA
    Verified
    Learn about vigilant mode
    Copy the full SHA
    5a3d8d7 View commit details

  2. samba4: apply patch for CVE-2019-3824

    @andir
    andir committed Mar 20, 2019
    Copy the full SHA
    8288fbd View commit details

Commits on Mar 22, 2019

  1. Merge pull request #57962 from andir/18.09/samba 

    [18.09] samba/ldb: fix CVE-2019-3824
    @andir
    andir authored Mar 22, 2019
    Copy the full SHA
    680f9d7 View commit details
Showing with 19 additions and 0 deletions.
  1. +11 −0 pkgs/development/libraries/ldb/default.nix
  2. +8 −0 pkgs/servers/samba/4.x.nix
11 changes: 11 additions & 0 deletions pkgs/development/libraries/ldb/default.nix
View file
Original file line number Diff line number Diff line change
@@ -19,6 +19,17 @@ stdenv.mkDerivation rec {
cmocka
];

patches = [
# CVE-2019-3824
# downloading the patch from debian as they have ported the patch from samba to ldb but otherwise is identical to
# https://bugzilla.samba.org/attachment.cgi?id=14857
(fetchurl {
name = "CVE-2019-3824.patch";
url = "https://sources.debian.org/data/main/l/ldb/2:1.1.27-1+deb9u1/debian/patches/CVE-2019-3824-master-v4-5-02.patch";
sha256 = "1idnqckvjh18rh9sbq90rr4sxfviha9nd1ca9pd6lai0y6r6q4yd";
})
];

preConfigure = ''
sed -i 's,#!/usr/bin/env python,#!${python}/bin/python,g' buildtools/bin/waf
'';
8 changes: 8 additions & 0 deletions pkgs/servers/samba/4.x.nix
View file
Original file line number Diff line number Diff line change
@@ -35,10 +35,18 @@ stdenv.mkDerivation rec {
[ ./4.x-no-persistent-install.patch
./patch-source3__libads__kerberos_keytab.c.patch
./4.x-no-persistent-install-dynconfig.patch

# conditionall disable MacOS incompatible tests
(fetchpatch {
url = "https://patch-diff.githubusercontent.com/raw/samba-team/samba/pull/107.patch";
sha256 = "0r6q34vjj0bdzmcbnrkad9rww58k4krbwicv4gs1g3dj49skpvd6";
})

(fetchpatch {
name = "CVE-2019-3824.patch";
url = "https://attachments.samba.org/attachment.cgi?id=14859";
sha256 = "02qf3zr55mzbimqdv01k3b22jjb084vfr5zabapyr5h1f588mw0q";
})
];

buildInputs =