evil-winrm: Update gems to fix rexml vulnerability

2025-03-23 09:17:40 -05:00 · 2025-03-23 09:17:40 -05:00 · d368851be7
commit d368851be7
parent f3a2a0601e
3 changed files with 44 additions and 28 deletions
--- a/pkgs/by-name/ev/evil-winrm/Gemfile.lock
+++ b/pkgs/by-name/ev/evil-winrm/Gemfile.lock
@ -2,30 +2,32 @@ GEM
  remote: https://rubygems.org/
  specs:
    base64 (0.2.0)
-    bigdecimal (3.1.8)
+    bigdecimal (3.1.9)
    builder (3.3.0)
-    erubi (1.13.0)
-    ffi (1.17.0)
-    fileutils (1.7.2)
+    erubi (1.13.1)
+    ffi (1.17.1)
+    fileutils (1.7.3)
    gssapi (1.3.1)
      ffi (>= 1.0.1)
    gyoku (1.4.0)
      builder (>= 2.1.2)
      rexml (~> 3.0)
-    httpclient (2.8.3)
+    httpclient (2.9.0)
+      mutex_m
    little-plugger (1.1.4)
-    logger (1.6.1)
+    logger (1.6.6)
    logging (2.4.0)
      little-plugger (~> 1.1)
      multi_json (~> 1.14)
    multi_json (1.15.0)
+    mutex_m (0.3.0)
    nori (2.7.1)
      bigdecimal
-    rexml (3.3.8)
+    rexml (3.4.1)
    rubyntlm (0.6.5)
      base64
-    rubyzip (2.3.2)
-    stringio (3.1.1)
+    rubyzip (2.4.1)
+    stringio (3.1.5)
    winrm (2.3.9)
      builder (>= 2.1.2)
      erubi (~> 1.8)
@ -53,4 +55,4 @@ DEPENDENCIES
  winrm-fs

 BUNDLED WITH
-   2.2.24
+   2.6.2
--- a/pkgs/by-name/ev/evil-winrm/gemset.nix
+++ b/pkgs/by-name/ev/evil-winrm/gemset.nix
@ -14,10 +14,10 @@
    platforms = [ ];
    source = {
      remotes = [ "https://rubygems.org" ];
-      sha256 = "1gi7zqgmqwi5lizggs1jhc3zlwaqayy9rx2ah80sxy24bbnng558";
+      sha256 = "1k6qzammv9r6b2cw3siasaik18i6wjc5m0gw5nfdc6jj64h79z1g";
      type = "gem";
    };
-    version = "3.1.8";
+    version = "3.1.9";
  };
  builder = {
    groups = [ "default" ];
@ -34,30 +34,30 @@
    platforms = [ ];
    source = {
      remotes = [ "https://rubygems.org" ];
-      sha256 = "0qnd6ff4az22ysnmni3730c41b979xinilahzg86bn7gv93ip9pw";
+      sha256 = "1naaxsqkv5b3vklab5sbb9sdpszrjzlfsbqpy7ncbnw510xi10m0";
      type = "gem";
    };
-    version = "1.13.0";
+    version = "1.13.1";
  };
  ffi = {
    groups = [ "default" ];
    platforms = [ ];
    source = {
      remotes = [ "https://rubygems.org" ];
-      sha256 = "07139870npj59jnl8vmk39ja3gdk3fb5z9vc0lf32y2h891hwqsi";
+      sha256 = "0fgwn1grxf4zxmyqmb9i4z2hr111585n9jnk17y6y7hhs7dv1xi6";
      type = "gem";
    };
-    version = "1.17.0";
+    version = "1.17.1";
  };
  fileutils = {
    groups = [ "default" ];
    platforms = [ ];
    source = {
      remotes = [ "https://rubygems.org" ];
-      sha256 = "0c86k3027r896wsgvjgdx27kg5d2x4479bc6ni93w9hq88rgp81n";
+      sha256 = "1nmmbvqxssmn9cav5x5sxcw9ab3vqpskdy3nbmsqfjk99f2iw9sp";
      type = "gem";
    };
-    version = "1.7.2";
+    version = "1.7.3";
  };
  gssapi = {
    dependencies = [ "ffi" ];
@ -85,14 +85,15 @@
    version = "1.4.0";
  };
  httpclient = {
+    dependencies = [ "mutex_m" ];
    groups = [ "default" ];
    platforms = [ ];
    source = {
      remotes = [ "https://rubygems.org" ];
-      sha256 = "19mxmvghp7ki3klsxwrlwr431li7hm1lczhhj8z4qihl2acy8l99";
+      sha256 = "1j4qwj1nv66v3n9s4xqf64x2galvjm630bwa5xngicllwic5jr2b";
      type = "gem";
    };
-    version = "2.8.3";
+    version = "2.9.0";
  };
  little-plugger = {
    groups = [ "default" ];
@ -109,10 +110,10 @@
    platforms = [ ];
    source = {
      remotes = [ "https://rubygems.org" ];
-      sha256 = "0lwncq2rf8gm79g2rcnnyzs26ma1f4wnfjm6gs4zf2wlsdz5in9s";
+      sha256 = "05s008w9vy7is3njblmavrbdzyrwwc1fsziffdr58w9pwqj8sqfx";
      type = "gem";
    };
-    version = "1.6.1";
+    version = "1.6.6";
  };
  logging = {
    dependencies = [
@ -138,6 +139,16 @@
    };
    version = "1.15.0";
  };
+  mutex_m = {
+    groups = [ "default" ];
+    platforms = [ ];
+    source = {
+      remotes = [ "https://rubygems.org" ];
+      sha256 = "0l875dw0lk7b2ywa54l0wjcggs94vb7gs8khfw9li75n2sn09jyg";
+      type = "gem";
+    };
+    version = "0.3.0";
+  };
  nori = {
    dependencies = [ "bigdecimal" ];
    groups = [ "default" ];
@ -154,10 +165,10 @@
    platforms = [ ];
    source = {
      remotes = [ "https://rubygems.org" ];
-      sha256 = "0rr145mvjgc4n28lfy0gw87aw3ab680h83bdi5i102ik8mixk3zn";
+      sha256 = "1jmbf6lf7pcyacpb939xjjpn1f84c3nw83dy3p1lwjx0l2ljfif7";
      type = "gem";
    };
-    version = "3.3.8";
+    version = "3.4.1";
  };
  rubyntlm = {
    dependencies = [ "base64" ];
@ -175,20 +186,20 @@
    platforms = [ ];
    source = {
      remotes = [ "https://rubygems.org" ];
-      sha256 = "0grps9197qyxakbpw02pda59v45lfgbgiyw48i0mq9f2bn9y6mrz";
+      sha256 = "05an0wz87vkmqwcwyh5rjiaavydfn5f4q1lixcsqkphzvj7chxw5";
      type = "gem";
    };
-    version = "2.3.2";
+    version = "2.4.1";
  };
  stringio = {
    groups = [ "default" ];
    platforms = [ ];
    source = {
      remotes = [ "https://rubygems.org" ];
-      sha256 = "07mfqb40b2wh53k33h91zva78f9zwcdnl85jiq74wnaw2wa6wiak";
+      sha256 = "1j1mgvrgkxhadi6nb6pz1kcff7gsb5aivj1vfhsia4ssa5hj9adw";
      type = "gem";
    };
-    version = "3.1.1";
+    version = "3.1.5";
  };
  winrm = {
    dependencies = [
--- a/pkgs/by-name/ev/evil-winrm/package.nix
+++ b/pkgs/by-name/ev/evil-winrm/package.nix
@ -3,6 +3,7 @@
 , fetchFromGitHub
 , makeWrapper
 , bundlerEnv
+, bundlerUpdateScript
 }:

 stdenv.mkDerivation rec {
@ -36,6 +37,8 @@ stdenv.mkDerivation rec {
    cp evil-winrm.rb $out/bin/evil-winrm
  '';

+  passthru.updateScript = bundlerUpdateScript "evil-winrm";
+
  meta = with lib; {
    description = "WinRM shell for hacking/pentesting";
    mainProgram = "evil-winrm";