tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
fork atom

hydra_unstable: Fix CVE-2024-32657

Janne Heß 0a79256e 06fc8753

+10
unified split
+10
pkgs/development/tools/misc/hydra/unstable.nix
··· 43 43 , cacert 44 44 , glibcLocales 45 45 , fetchFromGitHub 46 + , fetchpatch2 46 47 , nixosTests 47 48 }: 48 49 ··· 204 205 ''; 205 206 206 207 enableParallelBuilding = true; 208 + 209 + patches = [ 210 + # https://github.com/NixOS/hydra/security/advisories/GHSA-2p75-6g9f-pqgx 211 + (fetchpatch2 { 212 + name = "CVE-2024-32657.patch"; 213 + url = "https://github.com/NixOS/hydra/commit/b72528be5074f3e62e9ae2c2ae8ef9c07a0b4dd3.patch"; 214 + hash = "sha256-+y27N8AIaHj13mj0LwW7dkpzfzZ4xfjN8Ld23c5mzuU="; 215 + }) 216 + ]; 207 217 208 218 postPatch = '' 209 219 # Change 5s timeout for init to 30s