gettext: apply patch for CVE 2018-18751
Re-include an older automake (1.15) because that's explicitly depended upon.
This commit is contained in:
parent
2771375d6e
commit
3d9e28e96d
3 changed files with 55 additions and 3 deletions
|
@ -1,4 +1,4 @@
|
|||
{ stdenv, lib, fetchurl, libiconv, xz }:
|
||||
{ stdenv, lib, fetchurl, libiconv, xz, bison, automake115x, autoconf }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "gettext-${version}";
|
||||
|
@ -8,7 +8,14 @@ stdenv.mkDerivation rec {
|
|||
url = "mirror://gnu/gettext/${name}.tar.gz";
|
||||
sha256 = "0hsw28f9q9xaggjlsdp2qmbp2rbd1mp0njzan2ld9kiqwkq2m57z";
|
||||
};
|
||||
patches = [ ./absolute-paths.diff ];
|
||||
patches = [
|
||||
./absolute-paths.diff
|
||||
(fetchurl {
|
||||
name = "CVE-2018-18751.patch";
|
||||
url = "https://git.savannah.gnu.org/gitweb/?p=gettext.git;a=patch;h=dce3a16e5e9368245735e29bf498dcd5e3e474a4";
|
||||
sha256 = "1lpjwwcjr1sb879faj0xyzw02kma0ivab6xwn3qciy13qy6fq5xn";
|
||||
})
|
||||
];
|
||||
|
||||
outputs = [ "out" "man" "doc" "info" ];
|
||||
|
||||
|
@ -40,7 +47,7 @@ stdenv.mkDerivation rec {
|
|||
sed -i -e "s/\(libgettextsrc_la_LDFLAGS = \)/\\1..\/gnulib-lib\/libxml_rpl.la /" gettext-tools/src/Makefile.in
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [ xz xz.bin ];
|
||||
nativeBuildInputs = [ xz xz.bin bison automake115x autoconf];
|
||||
# HACK, see #10874 (and 14664)
|
||||
buildInputs = stdenv.lib.optional (!stdenv.isLinux && !stdenv.hostPlatform.isCygwin) libiconv;
|
||||
|
||||
|
|
43
pkgs/development/tools/misc/automake/automake-1.15.x.nix
Normal file
43
pkgs/development/tools/misc/automake/automake-1.15.x.nix
Normal file
|
@ -0,0 +1,43 @@
|
|||
{ stdenv, fetchurl, perl, autoconf }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "automake-1.15";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnu/automake/${name}.tar.xz";
|
||||
sha256 = "0dl6vfi2lzz8alnklwxzfz624b95hb1ipjvd3mk177flmddcf24r";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ autoconf perl ];
|
||||
buildInputs = [ autoconf ];
|
||||
|
||||
setupHook = ./setup-hook.sh;
|
||||
|
||||
# Disable indented log output from Make, otherwise "make.test" will
|
||||
# fail.
|
||||
preCheck = "unset NIX_INDENT_MAKE";
|
||||
doCheck = false; # takes _a lot_ of time, fails 3 out of 2698 tests, all seem to be related to paths
|
||||
doInstallCheck = false; # runs the same thing, fails the same tests
|
||||
|
||||
# The test suite can run in parallel.
|
||||
enableParallelBuilding = true;
|
||||
|
||||
# Don't fixup "#! /bin/sh" in Libtool, otherwise it will use the
|
||||
# "fixed" path in generated files!
|
||||
dontPatchShebangs = true;
|
||||
|
||||
meta = {
|
||||
branch = "1.15";
|
||||
homepage = https://www.gnu.org/software/automake/;
|
||||
description = "GNU standard-compliant makefile generator";
|
||||
license = stdenv.lib.licenses.gpl2Plus;
|
||||
|
||||
longDescription = ''
|
||||
GNU Automake is a tool for automatically generating
|
||||
`Makefile.in' files compliant with the GNU Coding
|
||||
Standards. Automake requires the use of Autoconf.
|
||||
'';
|
||||
|
||||
platforms = stdenv.lib.platforms.all;
|
||||
};
|
||||
}
|
|
@ -8519,6 +8519,8 @@ in
|
|||
|
||||
automake111x = callPackage ../development/tools/misc/automake/automake-1.11.x.nix { };
|
||||
|
||||
automake115x = callPackage ../development/tools/misc/automake/automake-1.15.x.nix { };
|
||||
|
||||
automake116x = callPackage ../development/tools/misc/automake/automake-1.16.x.nix { };
|
||||
|
||||
automoc4 = callPackage ../development/tools/misc/automoc4 { };
|
||||
|
|
Loading…
Reference in a new issue