From 1279016787f72d004c09b1fb562a0f6946bfdc4b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Fri, 5 Apr 2019 21:03:59 +0200 Subject: [PATCH] Re-Revert "Merge #58997 gettext: apply patch for CVE 2018-1875" This reverts commit 742416addbb5665f39c98337a921eb52f37adf85. Moved to staging. --- .../development/libraries/gettext/default.nix | 13 ++++-- .../tools/misc/automake/automake-1.15.x.nix | 43 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 + 3 files changed, 55 insertions(+), 3 deletions(-) create mode 100644 pkgs/development/tools/misc/automake/automake-1.15.x.nix diff --git a/pkgs/development/libraries/gettext/default.nix b/pkgs/development/libraries/gettext/default.nix index 8ed898813aef0b..1dae2c443c8c1e 100644 --- a/pkgs/development/libraries/gettext/default.nix +++ b/pkgs/development/libraries/gettext/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchurl, libiconv, xz }: +{ stdenv, lib, fetchurl, libiconv, xz, bison, automake115x, autoconf }: stdenv.mkDerivation rec { name = "gettext-${version}"; @@ -8,7 +8,14 @@ stdenv.mkDerivation rec { url = "mirror://gnu/gettext/${name}.tar.gz"; sha256 = "0hsw28f9q9xaggjlsdp2qmbp2rbd1mp0njzan2ld9kiqwkq2m57z"; }; - patches = [ ./absolute-paths.diff ]; + patches = [ + ./absolute-paths.diff + (fetchurl { + name = "CVE-2018-18751.patch"; + url = "https://git.savannah.gnu.org/gitweb/?p=gettext.git;a=patch;h=dce3a16e5e9368245735e29bf498dcd5e3e474a4"; + sha256 = "1lpjwwcjr1sb879faj0xyzw02kma0ivab6xwn3qciy13qy6fq5xn"; + }) + ]; outputs = [ "out" "man" "doc" "info" ]; @@ -40,7 +47,7 @@ stdenv.mkDerivation rec { sed -i -e "s/\(libgettextsrc_la_LDFLAGS = \)/\\1..\/gnulib-lib\/libxml_rpl.la /" gettext-tools/src/Makefile.in ''; - nativeBuildInputs = [ xz xz.bin ]; + nativeBuildInputs = [ xz xz.bin bison automake115x autoconf]; # HACK, see #10874 (and 14664) buildInputs = stdenv.lib.optional (!stdenv.isLinux && !stdenv.hostPlatform.isCygwin) libiconv; diff --git a/pkgs/development/tools/misc/automake/automake-1.15.x.nix b/pkgs/development/tools/misc/automake/automake-1.15.x.nix new file mode 100644 index 00000000000000..e1aeb025c30f05 --- /dev/null +++ b/pkgs/development/tools/misc/automake/automake-1.15.x.nix @@ -0,0 +1,43 @@ +{ stdenv, fetchurl, perl, autoconf }: + +stdenv.mkDerivation rec { + name = "automake-1.15"; + + src = fetchurl { + url = "mirror://gnu/automake/${name}.tar.xz"; + sha256 = "0dl6vfi2lzz8alnklwxzfz624b95hb1ipjvd3mk177flmddcf24r"; + }; + + nativeBuildInputs = [ autoconf perl ]; + buildInputs = [ autoconf ]; + + setupHook = ./setup-hook.sh; + + # Disable indented log output from Make, otherwise "make.test" will + # fail. + preCheck = "unset NIX_INDENT_MAKE"; + doCheck = false; # takes _a lot_ of time, fails 3 out of 2698 tests, all seem to be related to paths + doInstallCheck = false; # runs the same thing, fails the same tests + + # The test suite can run in parallel. + enableParallelBuilding = true; + + # Don't fixup "#! /bin/sh" in Libtool, otherwise it will use the + # "fixed" path in generated files! + dontPatchShebangs = true; + + meta = { + branch = "1.15"; + homepage = https://www.gnu.org/software/automake/; + description = "GNU standard-compliant makefile generator"; + license = stdenv.lib.licenses.gpl2Plus; + + longDescription = '' + GNU Automake is a tool for automatically generating + `Makefile.in' files compliant with the GNU Coding + Standards. Automake requires the use of Autoconf. + ''; + + platforms = stdenv.lib.platforms.all; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index dd5ce3a4f53175..06682fc4dc4cf8 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -8537,6 +8537,8 @@ in automake111x = callPackage ../development/tools/misc/automake/automake-1.11.x.nix { }; + automake115x = callPackage ../development/tools/misc/automake/automake-1.15.x.nix { }; + automake116x = callPackage ../development/tools/misc/automake/automake-1.16.x.nix { }; automoc4 = callPackage ../development/tools/misc/automoc4 { };