diff options
| author | Thomas Gerbet <thomas@gerbet.me> | 2024-04-30 22:31:10 +0200 |
|---|---|---|
| committer | Thomas Gerbet <thomas@gerbet.me> | 2024-04-30 22:31:10 +0200 |
| commit | 3593d46b31c0002775fc9369523b39b6ae820930 (patch) | |
| tree | 770df1f4afb4a200ffda7d65e52fb029cce55990 | |
| parent | e0df48703bb524c519c6497c1c81428014ab96f1 (diff) | |
libvirt: apply patches for CVE-2024-2494 and CVE-2024-1441
| -rw-r--r-- | pkgs/development/libraries/libvirt/default.nix | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/pkgs/development/libraries/libvirt/default.nix b/pkgs/development/libraries/libvirt/default.nix index f82c5d18fb9d..81dacdb493c9 100644 --- a/pkgs/development/libraries/libvirt/default.nix +++ b/pkgs/development/libraries/libvirt/default.nix @@ -9,6 +9,7 @@ , dnsmasq , docutils , fetchFromGitLab +, fetchpatch , gettext , glib , gnutls @@ -126,6 +127,16 @@ stdenv.mkDerivation rec { patches = [ ./0001-meson-patch-in-an-install-prefix-for-building-on-nix.patch + (fetchpatch { + name = "CVE-2024-2494.patch"; + url = "https://gitlab.com/libvirt/libvirt/-/commit/8a3f8d957507c1f8223fdcf25a3ff885b15557f2.patch"; + hash = "sha256-kxSIZ4bPOhN6PpJepoSF+EDTgdmazRWh3a3KSVfm1GU="; + }) + (fetchpatch { + name = "CVE-2024-1441.patch"; + url = "https://gitlab.com/libvirt/libvirt/-/commit/c664015fe3a7bf59db26686e9ed69af011c6ebb8.patch"; + hash = "sha256-Qi/gk7+NPz9s9OpWOnF8XW6A75C9BbVxBTE4KVwalo4="; + }) ] ++ lib.optionals enableZfs [ (substituteAll { src = ./0002-substitute-zfs-and-zpool-commands.patch; |