nathan/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2026-06-05 21:03:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
d75964c0983b7c7639a0502103faa53b4f4083a1
nixpkgs/pkgs/tools/compression/bzip2/default.nix
Robert Schütz ac824a1dff bzip2: patch CVE-2026-42250 
(cherry picked from commit a7b6fa34c1)
2026-06-02 18:03:03 +00:00

88 lines
2.3 KiB
Nix
Raw Blame History

{
lib,
stdenv,
fetchurl,
enableStatic ? with stdenv.hostPlatform; isStatic || isCygwin,
enableShared ? true,
autoreconfHook,
testers,
}:
# Note: this package is used for bootstrapping fetchurl, and thus
# cannot use fetchpatch! All mutable patches (generated by GitHub or
# cgit) that are needed here should be included directly in Nixpkgs as
# files.
stdenv.mkDerivation (
finalAttrs:
let
inherit (finalAttrs) version;
in
{
pname = "bzip2";
version = "1.0.8";
src = fetchurl {
url = "https://sourceware.org/pub/bzip2/bzip2-${version}.tar.gz";
sha256 = "sha256-q1oDF27hBtPw+pDjgdpHjdrkBZGBU8yiSOaCzQxKImk=";
};
patchFlags = [ "-p0" ];
patches = [
# https://sourceware.org/cgit/bzip2/patch/?id=35d122a3df8b0cc4082a4d89fdc6ee99f375fe67
./patches/CVE-2026-42250.patch
./patches/bzip2-1.0.6.2-autoconfiscated.patch
];
# Fix up hardcoded version from the above patch, e.g. seen in bzip2.pc or libbz2.so.1.0.N
postPatch = ''
patch <<-EOF
--- configure.ac
+++ configure.ac
@@ -3,3 +3,3 @@
-AC_INIT([bzip2], [1.0.6], [Julian Seward <jseward@bzip.org>])
+AC_INIT([bzip2], [${version}], [Julian Seward <jseward@bzip.org>])
BZIP2_LT_CURRENT=1
-BZIP2_LT_REVISION=6
+BZIP2_LT_REVISION=${lib.versions.patch version}
EOF
'';
strictDeps = true;
nativeBuildInputs = [ autoreconfHook ];
outputs = [
"bin"
"dev"
"out"
"man"
];
configureFlags = lib.concatLists [
(lib.optional enableStatic "--enable-static")
(lib.optional (!enableShared) "--disable-shared")
];
dontDisableStatic = enableStatic;
enableParallelBuilding = true;
postInstall = ''
ln -s $out/lib/libbz2.so.1.0.* $out/lib/libbz2.so.1.0
'';
passthru.tests.pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage;
meta = {
description = "High-quality data compression program";
homepage = "https://www.sourceware.org/bzip2";
changelog = "https://sourceware.org/git/?p=bzip2.git;a=blob;f=CHANGES;hb=HEAD";
license = lib.licenses.bsdOriginal;
pkgConfigModules = [ "bzip2" ];
platforms = lib.platforms.all;
maintainers = with lib.maintainers; [ mic92 ];
};
}
)
Reference in New Issue View Git Blame Copy Permalink