Merge pull request #152261 from Moredread/mediathekview-log4j-master

mediathekview: CVE-2021-45105 (log4j) mitigation
2021-12-28 07:16:13 +00:00 · 2021-12-28 07:16:13 +00:00 · 829d6970a3
commit 829d6970a3
parent 1c854f5f0a 2a360652e2
1 changed files with 5 additions and 2 deletions
--- a/pkgs/applications/video/mediathekview/default.nix
+++ b/pkgs/applications/video/mediathekview/default.nix
@ -1,4 +1,4 @@
-{ lib, stdenv, fetchurl, makeWrapper, jre }:
+{ lib, stdenv, fetchurl, makeWrapper, jre, zip }:

 stdenv.mkDerivation rec {
  version = "13.8.0";
@ -8,13 +8,16 @@ stdenv.mkDerivation rec {
    sha256 = "0zfkwz5psv7m0881ykgqrxwjhadg39c55aj2wpy7m1jdara86c5q";
  };

-  nativeBuildInputs = [ makeWrapper ];
+  nativeBuildInputs = [ makeWrapper zip ];

  installPhase = ''
    runHook preInstall

    mkdir -p $out/{bin,lib}

+    # log4j mitigation, see https://logging.apache.org/log4j/2.x/security.html
+    zip -d MediathekView.jar org/apache/logging/log4j/core/lookup/JndiLookup.class
+
    install -m644 MediathekView.jar $out/lib

    makeWrapper ${jre}/bin/java $out/bin/mediathek \