Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 9e480c5dfa19
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 3aa8f9448cfd
Choose a head ref
  • 1 commit
  • 1 file changed
  • 1 contributor

Commits on Jun 16, 2019

  1. zziplib: patch CVE-2018-17828 

    Fixes #61961
Close #63189
vcunat amended some nitpicks into the original commit.
    @mmahut @vcunat
    mmahut authored and vcunat committed Jun 16, 2019
    Copy the full SHA
    3aa8f94 View commit details
Showing with 8 additions and 1 deletion.
  1. +8 −1 pkgs/development/libraries/zziplib/default.nix
9 changes: 8 additions & 1 deletion pkgs/development/libraries/zziplib/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{ docbook_xml_dtd_412, fetchurl, stdenv, perl, python2, zip, xmlto, zlib }:
{ docbook_xml_dtd_412, fetchurl, stdenv, perl, python2, zip, xmlto, zlib, fetchpatch }:

stdenv.mkDerivation rec {
name = "zziplib-${version}";
@@ -9,6 +9,13 @@ stdenv.mkDerivation rec {
sha256 = "0i052a7shww0fzsxrdp3rd7g4mbzx7324a8ysbc0br7frpblcql4";
};

patches = [
(fetchpatch {
name = "CVE-2018-17828.patch";
url = "https://github.com/gdraheim/zziplib/commit/f609ae8971f3c0ce6.diff";
sha256 = "0jhiz4fgr93wzh6q03avn95b2nsf6402jaki6hxirxyhs5v9ahry";
})
];
postPatch = ''
sed -i -e s,--export-dynamic,, configure
'';