pyrox.dev
lol
nginx: apply patch for CVE-2025-53859 (#433604)
authored by
Franz Pletz
and committed by
GitHub
fbf7c69d
a885d5af
+7
+7
pkgs/servers/http/nginx/generic.nix
+7
pkgs/servers/http/nginx/generic.nix
···
218
218
./nix-etag-1.15.4.patch
219
219
./nix-skip-check-logs-path.patch
220
220
]
221
+
++ lib.optionals (!lib.versionAtLeast version "1.29.1") [
222
+
(fetchpatch {
223
+
name = "CVE-2025-53859.patch";
224
+
url = "https://nginx.org/download/patch.2025.smtp.txt";
225
+
hash = "sha256-v49sLskFNMoKuG8HQISw8ST7ga6DS+ngJiL0D3sUyGk=";
226
+
})
227
+
]
221
228
++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
222
229
(fetchpatch {
223
230
url = "https://raw.githubusercontent.com/openwrt/packages/c057dfb09c7027287c7862afab965a4cd95293a3/net/nginx/patches/102-sizeof_test_fix.patch";