samba4: apply patch for CVE-2019-3824

2019-03-20 14:04:31 +01:00 · 2019-03-20 14:04:31 +01:00 · 5acc543233
commit 5acc543233
parent 84c1b2fbd8
1 changed files with 8 additions and 0 deletions
--- a/pkgs/servers/samba/4.x.nix
+++ b/pkgs/servers/samba/4.x.nix
@ -33,10 +33,18 @@ stdenv.mkDerivation rec {
    [ ./4.x-no-persistent-install.patch
      ./patch-source3__libads__kerberos_keytab.c.patch
      ./4.x-no-persistent-install-dynconfig.patch
+
+      # conditionall disable MacOS incompatible tests
      (fetchpatch {
        url = "https://patch-diff.githubusercontent.com/raw/samba-team/samba/pull/107.patch";
        sha256 = "0r6q34vjj0bdzmcbnrkad9rww58k4krbwicv4gs1g3dj49skpvd6";
      })
+
+      (fetchpatch {
+        name = "CVE-2019-3824.patch";
+        url = "https://attachments.samba.org/attachment.cgi?id=14859";
+        sha256 = "02qf3zr55mzbimqdv01k3b22jjb084vfr5zabapyr5h1f588mw0q";
+      })
    ];

  buildInputs =