|
|
|
@ -1,4 +1,4 @@ |
|
|
|
|
{ stdenv, lib, fetchurl, autoreconfHook, docutils, pkg-config |
|
|
|
|
{ stdenv, lib, fetchurl, fetchpatch, autoreconfHook, docutils, pkg-config |
|
|
|
|
, libkrb5, keyutils, pam, talloc, python3 }: |
|
|
|
|
|
|
|
|
|
stdenv.mkDerivation rec { |
|
|
|
@ -10,6 +10,16 @@ stdenv.mkDerivation rec { |
|
|
|
|
sha256 = "sha256-ZgnoB0tUISlf8BKjHwLM2aBYQVxhnIE2Lrt4jb8HVrg="; |
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
patches = [ |
|
|
|
|
(fetchpatch { |
|
|
|
|
# Fix buffer-overflow in handling of ip= parameter in mount.cifs |
|
|
|
|
# https://www.openwall.com/lists/oss-security/2022/04/27/5 |
|
|
|
|
name = "CVE-2022-27239.patch"; |
|
|
|
|
url = "https://github.com/piastry/cifs-utils/commit/007c07fd91b6d42f8bd45187cf78ebb06801139d.patch"; |
|
|
|
|
sha256 = "sha256-3uoHso2q17r2bcEW+ZjYUWsW4OIGYA7kxYZxQQy0JOg="; |
|
|
|
|
}) |
|
|
|
|
]; |
|
|
|
|
|
|
|
|
|
nativeBuildInputs = [ autoreconfHook docutils pkg-config ]; |
|
|
|
|
|
|
|
|
|
buildInputs = [ libkrb5 keyutils pam talloc python3 ]; |
|
|
|
|