Skip to content

Commit

Permalink
dnsmasq: Patch CVE-2017-15107
Browse files Browse the repository at this point in the history 
(cherry picked from commit b492e2a)
  • Loading branch information
@adisbladis
adisbladis committed Feb 23, 2018
1 parent ea0c4b5 commit d30d30c
Showing 1 changed file with 11 additions and 1 deletion.
12 changes: 11 additions & 1 deletion pkgs/tools/networking/dnsmasq/default.nix
View file
@@ -1,4 +1,4 @@
{ stdenv, fetchurl, pkgconfig, dbus_libs, nettle, libidn, libnetfilter_conntrack }:
{ stdenv, fetchurl, pkgconfig, dbus_libs, nettle, libidn, libnetfilter_conntrack, fetchpatch }:

with stdenv.lib;
let
Expand All @@ -18,6 +18,16 @@ stdenv.mkDerivation rec {
sha256 = "0ar5h5v3kas2qx2wgy5iqin15gc4jhqrqs067xacgc3lii1rz549";
};

patches = [
(fetchpatch {
name = "CVE-2017-15107.patch";
url = "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=patch;h=4fe6744a220eddd3f1749b40cac3dfc510787de6";
sha256 = "0r8grhh1q46z8v6manx1vvfpf2vmchfzsg7l1djh63b1fy1mbjkk";
# changelog does not apply cleanly but its safe to skip
excludes = [ "CHANGELOG" ];
})
];

preBuild = ''
makeFlagsArray=("COPTS=${copts}")
'';
Expand Down

0 comments on commit d30d30c

Please sign in to comment.