upx: apply patch for CVE-2021-20285

Did not bump to 4.0.0 yet because the 4.0.0 release is affected by CVE-2021-30500 and CVE-2021-30501.
The patch for CVE-2021-30500 does not apply cleanly on top of 4.0.0.
Thomas Gerbet 2022-11-05 18:35:20 +01:00
parent 19bf0264bb
commit e43e91a2a2


@ -1,4 +1,4 @@
{ lib, stdenv, fetchurl, ucl, zlib, perl }:
{ lib, stdenv, fetchurl, ucl, zlib, perl, fetchpatch }:
stdenv.mkDerivation rec {
pname = "upx";
@ -10,6 +10,14 @@ stdenv.mkDerivation rec {
buildInputs = [ ucl zlib perl ];
patches = [
(fetchpatch {
url = "https://github.com/upx/upx/commit/13bc031163863cb3866aa6cdc018dff0697aa5d4.patch";
sha256 = "sha256-7uazgx1lOgHh2J7yn3yb1q9lTJsv4BbexdGlWRiAG/M=";
name = "CVE-2021-20285.patch";
})
];
preConfigure = ''
export UPX_UCLDIR=${ucl}
'';
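Review bot: The reason for backporting instead of bumping the version is recorded only in the commit message; the `patches` list added in the second hunk has no comment saying when the entry can be dropped. A comment above the `fetchpatch` call, for example `# CVE-2021-20285 backport; 4.0.0 not used yet because of CVE-2021-30500 and CVE-2021-30501, drop once the version bump includes this fix`, would keep that context next to the code for the next maintainer. Whether the version packaged here is itself affected by CVE-2021-30500 or CVE-2021-30501 is not visible from this page; if it is, recording that in `meta.knownVulnerabilities` would make the residual exposure explicit to users. The rest of the derivation lies outside the hunk.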