diff options
author | Andreas Rammhold <andreas@rammhold.de> | 2018-06-04 22:10:16 +0200 |
---|---|---|
committer | Andreas Rammhold <andreas@rammhold.de> | 2018-06-04 22:11:09 +0200 |
commit | ea8b37c1c849b9c953f4beadb84cb061d75de40d (patch) | |
tree | 15f228ae9ca8eb7646cda6f3e258a1c455983f9f /pkgs/tools/networking/haproxy/default.nix | |
parent | 6d03390d12dc5c2adb76028d736690eb8bfa5867 (diff) |
haproxy: fix CVE-2018-11469
Diffstat (limited to 'pkgs/tools/networking/haproxy/default.nix')
-rw-r--r-- | pkgs/tools/networking/haproxy/default.nix | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/pkgs/tools/networking/haproxy/default.nix b/pkgs/tools/networking/haproxy/default.nix index d327c109dc2c..e01b62b54f1c 100644 --- a/pkgs/tools/networking/haproxy/default.nix +++ b/pkgs/tools/networking/haproxy/default.nix @@ -1,6 +1,6 @@ { useLua ? !stdenv.isDarwin , usePcre ? true -, stdenv, fetchurl +, stdenv, fetchurl, fetchpatch , openssl, zlib, lua5_3 ? null, pcre ? null }: @@ -17,6 +17,14 @@ stdenv.mkDerivation rec { sha256 = "00miblgwll3mycsgmp3gd3cn4lwsagxzgjxk5i6csnyqgj97fss3"; }; + patches = [ + (fetchpatch { + name = "CVE-2018-11469.patch"; + url = "https://git.haproxy.org/?p=haproxy-1.8.git;a=patch;h=17514045e5d934dede62116216c1b016fe23dd06"; + sha256 = "0hzcvghg8qz45n3mrcgsjgvrvicvbvm52cc4hs5jbk1yb50qvls7"; + }) + ]; + buildInputs = [ openssl zlib ] ++ stdenv.lib.optional useLua lua5_3 ++ stdenv.lib.optional usePcre pcre; |