Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 7b6ec9e3bc78
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: fad125262b77
Choose a head ref
  • 1 commit
  • 1 file changed
  • 1 contributor

Commits on Apr 19, 2018

  1. bazaar: Fix CVE-2017-14176 

    (cherry picked from commit 19bc90f)
    @adisbladis
    adisbladis committed Apr 19, 2018
    Copy the full SHA
    fad1252 View commit details
Showing with 10 additions and 2 deletions.
  1. +10 −2 pkgs/applications/version-management/bazaar/default.nix
12 changes: 10 additions & 2 deletions pkgs/applications/version-management/bazaar/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
{ stdenv, fetchurl, python2Packages
, fetchpatch
, withSFTP ? true
}:

@@ -17,8 +18,15 @@ python2Packages.buildPythonApplication rec {
propagatedBuildInputs = []
++ stdenv.lib.optionals withSFTP [ python2Packages.paramiko ];

# Bazaar can't find the certificates alone
patches = [ ./add_certificates.patch ];
patches = [
# Bazaar can't find the certificates alone
./add_certificates.patch
(fetchpatch {
url = "https://bazaar.launchpad.net/~brz/brz/trunk/revision/6754";
sha256 = "0mdqa9w1p6cmli6976v4wi0sw9r4p5prkj7lzfd1877wk11c9c73";
name = "CVE-2017-14176.patch";
})
];
postPatch = ''
substituteInPlace bzrlib/transport/http/_urllib2_wrappers.py \
--subst-var-by certPath /etc/ssl/certs/ca-certificates.crt