commit 0a79256e0dd400bb9c8a1abaf5fd4b37d6483f5c · tjh.dev/nixpkgs

tjh.dev / nixpkgs

Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)

fork atom

hydra_unstable: Fix CVE-2024-32657

Janne Heß 2 years ago 0a79256e 06fc8753

+10

1 changed file

expand all

unified split

pkgs

development

tools

misc

hydra

unstable.nix

+10

pkgs/development/tools/misc/hydra/unstable.nix

··· 43 , cacert 44 , glibcLocales 45 , fetchFromGitHub 46 , nixosTests 47 }: 48 ··· 204 ''; 205 206 enableParallelBuilding = true; 207 208 postPatch = '' 209 # Change 5s timeout for init to 30s

··· 43 , cacert 44 , glibcLocales 45 , fetchFromGitHub 46 + , fetchpatch2 47 , nixosTests 48 }: 49 ··· 205 ''; 206 207 enableParallelBuilding = true; 208 + 209 + patches = [ 210 + # https://github.com/NixOS/hydra/security/advisories/GHSA-2p75-6g9f-pqgx 211 + (fetchpatch2 { 212 + name = "CVE-2024-32657.patch"; 213 + url = "https://github.com/NixOS/hydra/commit/b72528be5074f3e62e9ae2c2ae8ef9c07a0b4dd3.patch"; 214 + hash = "sha256-+y27N8AIaHj13mj0LwW7dkpzfzZ4xfjN8Ld23c5mzuU="; 215 + }) 216 + ]; 217 218 postPatch = '' 219 # Change 5s timeout for init to 30s