busybox: fix CVE-2022-28391
This commit is contained in:
parent
21761f1191
commit
ac60e92b15
1 changed files with 10 additions and 0 deletions
|
@ -65,6 +65,16 @@ stdenv.mkDerivation rec {
|
||||||
|
|
||||||
patches = [
|
patches = [
|
||||||
./busybox-in-store.patch
|
./busybox-in-store.patch
|
||||||
|
(fetchurl {
|
||||||
|
name = "CVE-2022-28391.patch";
|
||||||
|
url = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch?id=ed92963eb55bbc8d938097b9ccb3e221a94653f4";
|
||||||
|
sha256 = "sha256-yviw1GV+t9tbHbY7YNxEqPi7xEreiXVqbeRyf8c6Awo=";
|
||||||
|
})
|
||||||
|
(fetchurl {
|
||||||
|
name = "CVE-2022-28391.patch";
|
||||||
|
url = "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch?id=ed92963eb55bbc8d938097b9ccb3e221a94653f4";
|
||||||
|
sha256 = "sha256-vl1wPbsHtXY9naajjnTicQ7Uj3N+EQ8pRNnrdsiow+w=";
|
||||||
|
})
|
||||||
] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) ./clang-cross.patch;
|
] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) ./clang-cross.patch;
|
||||||
|
|
||||||
separateDebugInfo = true;
|
separateDebugInfo = true;
|
||||||
|
|
Loading…
Reference in a new issue