Merge pull request #130554 from risicle/ris-qemu-CVE-2021-3546

qemu: add patches for CVE-2021-3545, CVE-2021-3546
This commit is contained in:
Maximilian Bosch 2021-07-18 21:51:37 +02:00 committed by GitHub
commit 651fd8be10
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -86,6 +86,16 @@ stdenv.mkDerivation rec {
patches = [ patches = [
./fix-qemu-ga.patch ./fix-qemu-ga.patch
./9p-ignore-noatime.patch ./9p-ignore-noatime.patch
(fetchpatch {
name = "CVE-2021-3545.patch";
url = "https://gitlab.com/qemu-project/qemu/-/commit/121841b25d72d13f8cad554363138c360f1250ea.patch";
sha256 = "13dgfd8dmxcalh2nvb68iv0kyv4xxrvpdqdxf1h3bjr4451glag1";
})
(fetchpatch {
name = "CVE-2021-3546.patch";
url = "https://gitlab.com/qemu-project/qemu/-/commit/9f22893adcb02580aee5968f32baa2cd109b3ec2.patch";
sha256 = "1vkhm9vl671y4cra60b6704339qk1h5dyyb3dfvmvpsvfyh2pm7n";
})
] ++ optional nixosTestRunner ./force-uid0-on-9p.patch ] ++ optional nixosTestRunner ./force-uid0-on-9p.patch
++ optionals stdenv.hostPlatform.isMusl [ ++ optionals stdenv.hostPlatform.isMusl [
(fetchpatch { (fetchpatch {