chn/nixpkgs
1
0
Fork 0
mirror of https://github.com/CHN-beta/nixpkgs.git synced 2026-01-12 02:40:31 +08:00
Code Issues Packages Projects Releases Wiki Activity

busybox: apply Alpine's patch for tar TOCTOU (#431370)

Browse Source
This commit is contained in:
Vladimír Čunát
2025-08-09 09:48:19 +02:00
parent f1d5e993ec a8f8a8fc30
commit 85dbfc7aaf
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pkgs/os-specific/linux/busybox/default.nix
View File

@@ -106,6 +106,10 @@ stdenv.mkDerivation rec {
url = "https://git.alpinelinux.org/aports/plain/main/busybox/CVE-2023-42364-CVE-2023-42365.patch?id=8a4bf5971168bf48201c05afda7bee0fbb188e13";
hash = "sha256-nQPgT9eA1asCo38Z9X7LR9My0+Vz5YBPba3ARV3fWcc=";
})
(fetchurl {
url = "https://git.alpinelinux.org/aports/plain/main/busybox/0001-tar-fix-TOCTOU-symlink-race-condition.patch?id=9e42dea5fba84a8afad1f1910b7d3884128a567e";
hash = "sha256-GmXQhwB1/IPVjXXpGi5RjRvuGJgIMIb7lQKB63m306g=";
})
]
++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) ./clang-cross.patch;