glibc: 2.31 -> 2.32

ChangeLog: https://sourceware.org/pipermail/libc-announce/2020/000029.html Patches removed: * `rpcgen-path.patch` is obsolete as the support for SunOS RPC has been removed in 2.32[1]. * The vulnerabilities CVE-2020-1752[2] & CVE-2020-10029[3] are fixed in `glibc-2.32`[4][5], thus applying those manually isn't necessary anymore. I also added myself as second maintainer as I'm quite regularly doing `glibc`-related stuff in `nixpkgs`, so let's make this situation official. [1] https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=5500cdba4018ddbda7909bc7f4f9718610b43cf0 [2] https://nvd.nist.gov/vuln/detail/CVE-2020-1752 [3] https://nvd.nist.gov/vuln/detail/CVE-2020-10029 [4] Commit 9333498794cde1d5cca518badf79533a24114b6f (CVE-2020-1752) [5] Commit ddc650e9b3dc916eab417ce9f79e67337b05035c (CVE-2020-10029)
NixOS · Sep 12, 2020 · 30286eb · 30286eb
1 parent 2e075ba
commit 30286eb
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 154 deletions.
diff --git a/pkgs/development/libraries/glibc/2.30-cve-2020-1752.patch b/pkgs/development/libraries/glibc/2.30-cve-2020-1752.patch
diff --git a/pkgs/development/libraries/glibc/2.31-cve-2020-10029.patch b/pkgs/development/libraries/glibc/2.31-cve-2020-10029.patch
diff --git a/pkgs/development/libraries/glibc/common.nix b/pkgs/development/libraries/glibc/common.nix
@@ -41,9 +41,9 @@
 } @ args:
 
 let
-  version = "2.31";
+  version = "2.32";
   patchSuffix = "";
-  sha256 = "05zxkyz9bv3j9h0xyid1rhvh3klhsmrpkf3bcs6frvlgyr2gwilj";
+  sha256 = "0di848ibffrnwq7g2dvgqrnn4xqhj3h96csn69q4da51ymafl9qn";
 in
 
 assert withLinuxHeaders -> linuxHeaders != null;
@@ -59,9 +59,6 @@ stdenv.mkDerivation ({
 
   patches =
     [
-      /* Have rpcgen(1) look for cpp(1) in $PATH.  */
-      ./rpcgen-path.patch
-
       /* Allow NixOS and Nix to handle the locale-archive. */
       ./nix-locale-archive.patch
 
@@ -113,8 +110,6 @@ stdenv.mkDerivation ({
       })
 
       ./fix-x64-abi.patch
-      ./2.30-cve-2020-1752.patch
-      ./2.31-cve-2020-10029.patch
     ]
     ++ lib.optional stdenv.hostPlatform.isMusl ./fix-rpc-types-musl-conflicts.patch
     ++ lib.optional stdenv.buildPlatform.isDarwin ./darwin-cross-build.patch;
@@ -146,8 +141,6 @@ stdenv.mkDerivation ({
   configureFlags =
     [ "-C"
       "--enable-add-ons"
-      "--enable-obsolete-nsl"
-      "--enable-obsolete-rpc"
       "--sysconfdir=/etc"
       "--enable-stackguard-randomization"
       (lib.withFeatureAs withLinuxHeaders "headers" "${linuxHeaders}/include")
@@ -226,7 +219,7 @@ stdenv.mkDerivation ({
 
   doCheck = false; # fails
 
-  meta = {
+  meta = with lib; {
     homepage = "https://www.gnu.org/software/libc/";
     description = "The GNU C Library";
 
@@ -239,10 +232,10 @@ stdenv.mkDerivation ({
          most systems with the Linux kernel.
       '';
 
-    license = lib.licenses.lgpl2Plus;
+    license = licenses.lgpl2Plus;
 
-    maintainers = [ lib.maintainers.eelco ];
-    platforms = lib.platforms.linux;
+    maintainers = with maintainers; [ eelco ma27 ];
+    platforms = platforms.linux;
   } // meta;
 }