Merge pull request #78479 from veprbl/pr/CVE-2019-18218_url_fix

[19.09] file: fix download url for CVE-2019-18218
NixOS · Jan 26, 2020 · 5e97c6f · 5e97c6f
2 parents 399c6ca + 5c39e8c
commit 5e97c6f
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/pkgs/tools/misc/file/default.nix b/pkgs/tools/misc/file/default.nix
@@ -15,7 +15,11 @@ stdenv.mkDerivation rec {
   patches = [
     (fetchpatch {
       name = "CVE-2019-18218.patch";
-      url = "https://sources.debian.org/data/main/f/file/1:5.37-6/debian/patches/cherry-pick.FILE5_37-67-g46a8443f.limit-the-number-of-elements-in-a-vector-found-by-oss-fuzz.patch";
+      urls = [
+        "https://src.fedoraproject.org/rpms/file/raw/f6dd8461/f/file-5.37-CVE-2019-18218.patch"
+        "https://git.in-ulm.de/cbiedl/file/raw/054940e842528dca434a92820f9abb89adce0574/debian/patches/cherry-pick.FILE5_37-67-g46a8443f.limit-the-number-of-elements-in-a-vector-found-by-oss-fuzz.patch"
+        "https://sources.debian.org/data/main/f/file/1:5.35-4+deb10u1/debian/patches/cherry-pick.FILE5_37-67-g46a8443f.limit-the-number-of-elements-in-a-vector-found-by-oss-fuzz.patch"
+      ];
       sha256 = "1i22y91yndc3n2p2ngczp1lwil8l05sp8ciicil74xrc5f91y6mj";
     })
   ];