pyrox.dev / nixpkgs
lol
fork atom

Merge pull request #125554 from mweinelt/polkit

polkit: Fix authentication bypass vulnerability

Luke Granger-Brown 2e88b6f9 2959ad27

options
unified split
Changed files
+7
pkgs
development
libraries
polkit
default.nix
+7
pkgs/development/libraries/polkit/default.nix 
···

       
34

       
34

       
 

       
      url = "https://gitlab.freedesktop.org/polkit/polkit/commit/5dd4e22efd05d55833c4634b56e473812b5acbf2.patch";


     

       
35

       
35

       
 

       
      sha256 = "17lv7xj5ksa27iv4zpm4zwd4iy8zbwjj4ximslfq3sasiz9kxhlp";


     

       
36

       
36

       
 

       
    })


     

       

       
37

       
+

       
    (fetchpatch {


     

       

       
38

       
+

       
      # https://www.openwall.com/lists/oss-security/2021/06/03/1


     

       

       
39

       
+

       
      # https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/79


     

       

       
40

       
+

       
      name = "CVE-2021-3560.patch";


     

       

       
41

       
+

       
      url = "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81.patch";


     

       

       
42

       
+

       
      sha256 = "157ddsizgr290jsb8fpafrc37gc1qw5pdvl351vnn3pzhqs7n6f4";


     

       

       
43

       
+

       
    })


     

       
37

       
44

       
 

       
  ] ++ lib.optionals stdenv.hostPlatform.isMusl [


     

       
38

       
45

       
 

       
    # Make netgroup support optional (musl does not have it)


     

       
39

       
46

       
 

       
    # Upstream MR: https://gitlab.freedesktop.org/polkit/polkit/merge_requests/10