Created
June 16, 2019 11:29
-
-
Save mmahut/5390f0e6ab1528274404b24a0337438c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mmahut@highhopes ~/repo/nixpkgs (curlCVE) $ git show | |
commit 5dd0191d8ad29decf86b9d24a78e7dfbdc477d49 (HEAD -> curlCVE) | |
Author: Marek Mahut <marek.mahut@satoshilabs.com> | |
Date: Sun Jun 16 13:26:15 2019 +0200 | |
wip | |
diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix | |
index b165142d85a..6545f91e5ff 100644 | |
--- a/pkgs/tools/networking/curl/default.nix | |
+++ b/pkgs/tools/networking/curl/default.nix | |
@@ -1,4 +1,4 @@ | |
-{ stdenv, lib, fetchurl, pkgconfig, perl | |
+{ stdenv, lib, fetchurl, pkgconfig, perl, fetchpatch | |
, http2Support ? true, nghttp2 | |
, idnSupport ? false, libidn ? null | |
, ldapSupport ? false, openldap ? null | |
@@ -34,6 +34,14 @@ stdenv.mkDerivation rec { | |
sha256 = "1szj9ia1snbfqzfcsk6hx1j7jhbqsy0f9k5d7x9xiy8w5lfblwym"; | |
}; | |
+ patches = [ | |
+ (fetchpatch { | |
+ url = "https://github.com/curl/curl/commit/5fc28510a4664f4.patch"; | |
+ name = "CVE-2019-5435.patch"; | |
+ sha256 = "1szj9iaoonbfqzfcsk6hx1j7jhbqsy0f9k5d7x9xiy8w5lfblwyo"; | |
+ }) | |
+ ]; | |
+ | |
outputs = [ "bin" "dev" "out" "man" "devdoc" ]; | |
separateDebugInfo = stdenv.isLinux; | |
mmahut@highhopes ~/repo/nixpkgs (curlCVE) $ nix-build -A curl --show-trace | |
error: while evaluating the attribute 'configureFlags' of the derivation 'curl-7.64.0' at /home/mmahut/repo/nixpkgs/pkgs/tools/networking/curl/default.nix:27:3: | |
while evaluating the attribute 'nativeBuildInputs' of the derivation 'openssl-1.0.2r' at /home/mmahut/repo/nixpkgs/pkgs/development/libraries/openssl/default.nix:11:5: | |
while evaluating the attribute 'patches' of the derivation 'perl-5.28.1' at /home/mmahut/repo/nixpkgs/pkgs/development/interpreters/perl/default.nix:29:5: | |
while evaluating the attribute 'nativeBuildInputs' of the derivation '0001-Fix-missing-build-dependency-for-pods.patch' at /home/mmahut/repo/nixpkgs/pkgs/build-support/fetchurl/default.nix:115:3: | |
while evaluating the attribute 'patches' of the derivation 'curl-7.64.0' at /home/mmahut/repo/nixpkgs/pkgs/tools/networking/curl/default.nix:27:3: | |
while evaluating the attribute 'nativeBuildInputs' of the derivation 'CVE-2019-5435.patch' at /home/mmahut/repo/nixpkgs/pkgs/build-support/fetchurl/default.nix:115:3: | |
infinite recursion encountered, at undefined position | |
mmahut@highhopes ~/repo/nixpkgs (curlCVE) $ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment