commit 90c0341ca59563864dbfea2d3d751c96ce518332 · pyrox.dev/nixpkgs

+6 -2

pkgs/servers/squid/4.nix

···

       2
       2
        
       , expat, libxml2, openssl }:

     

       3
       3
        
       

     

       4
       4
        
       stdenv.mkDerivation rec {

     

       5
       5
       -
         name = "squid-4.0.21";

     

       5
       5
       +
         name = "squid-4.0.23";

     

       6
       6
        
       

     

       7
       7
        
         src = fetchurl {

     

       8
       8
        
           url = "http://www.squid-cache.org/Versions/v4/${name}.tar.xz";

     

       9
       9
       -
           sha256 = "0cwfj3qpl72k5l1h2rvkv1xg0720rifk4wcvi49z216hznyqwk8m";

     

       9
       9
       +
           sha256 = "0a8g0zs3xayfkxl8maq823b14lckvh9d5lf7ryh9rx303xh1mdqq";

     

       10
       10
        
         };

     

       11
       11
        
       

     

       12
       12
        
         buildInputs = [

     

       13
       13
        
           perl openldap db cyrus_sasl expat libxml2 openssl

     

       14
       14
        
         ] ++ stdenv.lib.optionals stdenv.isLinux [ libcap pam ];

     

       15
       15
       +
       

     

       16
       16
       +
         prePatch = ''

     

       17
       17
       +
           substituteInPlace configure --replace "/usr/local/include/libxml2" "${libxml2.dev}/include/libxml2"

     

       18
       18
       +
         '';

     

       15
       19
        
       

     

       16
       20
        
         configureFlags = [

     

       17
       21
        
           "--enable-ipv6"

+14 -1

pkgs/servers/squid/default.nix

···

       1
       1
       -
       { stdenv, fetchurl, perl, openldap, pam, db, cyrus_sasl, libcap

     

       1
       1
       +
       { stdenv, fetchurl, fetchpatch, perl, openldap, pam, db, cyrus_sasl, libcap

     

       2
       2
        
       , expat, libxml2, openssl }:

     

       3
       3
        
       

     

       4
       4
        
       stdenv.mkDerivation rec {

     
···

       12
       12
        
         buildInputs = [

     

       13
       13
        
           perl openldap db cyrus_sasl expat libxml2 openssl

     

       14
       14
        
         ] ++ stdenv.lib.optionals stdenv.isLinux [ libcap pam ];

     

       15
       15
       +
       

     

       16
       16
       +
         patches = [

     

       17
       17
       +
           (fetchpatch {

     

       18
       18
       +
             name = "CVE-2018-1000024.patch";

     

       19
       19
       +
             url = http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_1.patch;

     

       20
       20
       +
             sha256 = "0vzxr4rmybz0w4c1hi3szvqawbzl4r4b8wyvq9vgq1mzkk5invpg";

     

       21
       21
       +
           })

     

       22
       22
       +
           (fetchpatch {

     

       23
       23
       +
             name = "CVE-2018-1000027.patch";

     

       24
       24
       +
             url = http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_2.patch;

     

       25
       25
       +
             sha256 = "1a8hwk9z7h1j0c57anfzp3bwjd4pjbyh8aks4ca79nwz4d0y6wf3";

     

       26
       26
       +
           })

     

       27
       27
       +
         ];

     

       15
       28
        
       

     

       16
       29
        
         configureFlags = [

     

       17
       30
        
           "--enable-ipv6"