pyrox.dev / nixpkgs
lol
fork atom

trafficserver: 9.1.3 -> 9.1.4

Fixes CVE-2022-32749 and CVE-2022-40743.

https://raw.githubusercontent.com/apache/trafficserver/9.1.x/CHANGELOG-9.1.4

Thomas Gerbet ede90bb8 91b47e16

options
unified split
Changed files
+3 -9
nixos
tests
trafficserver.nix
pkgs
servers
http
trafficserver
default.nix
+1
nixos/tests/trafficserver.nix 
···

       
172

       
172

       
 

       
        assert re.fullmatch(expected, out) is not None, "no matching logs"


     

       
173

       
173

       
 

       



     

       
174

       
174

       
 

       
        out = json.loads(ats.succeed(f"traffic_logstats -jf {access_log_path}"))


     

       

       
175

       
+

       
        assert isinstance(out, dict)


     

       
175

       
176

       
 

       
        assert out["total"]["error.total"]["req"] == "0", "unexpected log stat"


     

       
176

       
177

       
 

       
  '';


     

       
177

       
178

       
 

       
})
+2 -9
pkgs/servers/http/trafficserver/default.nix 
···

       
50

       
50

       
 

       



     

       
51

       
51

       
 

       
stdenv.mkDerivation rec {


     

       
52

       
52

       
 

       
  pname = "trafficserver";


     

       
53

       

       
-

       
  version = "9.1.3";


     

       

       
53

       
+

       
  version = "9.1.4";


     

       
54

       
54

       
 

       



     

       
55

       
55

       
 

       
  src = fetchzip {


     

       
56

       
56

       
 

       
    url = "mirror://apache/trafficserver/trafficserver-${version}.tar.bz2";


     

       
57

       

       
-

       
    sha256 = "sha256-Ihhsbn4PvIjWskmbWKajThIwtuiEyldBpmtuQ8RdyHA=";


     

       

       
57

       
+

       
    sha256 = "sha256-+iq+z+1JE6JE6OLcUwRRAe2/EISqb6Ax6pNm8GcB7bc=";


     

       
58

       
58

       
 

       
  };


     

       
59

       
59

       
 

       



     

       
60

       
60

       
 

       
  patches = [


     
···

       
107

       
107

       
 

       
      tools/check-unused-dependencies


     

       
108

       
108

       
 

       



     

       
109

       
109

       
 

       
    substituteInPlace configure --replace '/usr/bin/file' '${file}/bin/file'


     

       
110

       

       
-

       



     

       
111

       

       
-

       
    # TODO: remove after the following change has been released


     

       
112

       

       
-

       
    # https://github.com/apache/trafficserver/pull/8683


     

       
113

       

       
-

       
    cp ${catch2}/include/catch2/catch.hpp tests/include/catch.hpp


     

       
114

       
110

       
 

       
  '' + lib.optionalString stdenv.isLinux ''


     

       
115

       
111

       
 

       
    substituteInPlace configure \


     

       
116

       
112

       
 

       
      --replace '/usr/include/linux' '${linuxHeaders}/include/linux'


     
···

       
125

       
121

       
 

       
    "--enable-experimental-plugins"


     

       
126

       
122

       
 

       
    (lib.enableFeature enableWCCP "wccp")


     

       
127

       
123

       
 

       



     

       
128

       

       
-

       
    # the configure script can't auto-locate the following from buildInputs


     

       
129

       

       
-

       
    "--with-lzma=${xz.dev}"


     

       
130

       

       
-

       
    "--with-zlib=${zlib.dev}"


     

       
131

       
124

       
 

       
    (lib.withFeatureAs withHiredis "hiredis" hiredis)


     

       
132

       
125

       
 

       
  ];


     

       
133

       
126