diff options
author | Robert Scott <code@humanleg.org.uk> | 2022-02-20 17:03:22 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-02-20 17:03:22 +0000 |
commit | 3e432f195f07f8df114c026857cccaad0821fed8 (patch) | |
tree | 74401552945bbf56a17ca53d4bf0b2d7c8fbfeb7 /pkgs/servers/mastodon | |
parent | fbb388b7cdc93f3ad3f75cfab5a42838493a5250 (diff) | |
parent | a8121ca80e04d22d98504fdddd90e342fdda7387 (diff) | |
download | nixpkgs-3e432f195f07f8df114c026857cccaad0821fed8.tar nixpkgs-3e432f195f07f8df114c026857cccaad0821fed8.tar.gz nixpkgs-3e432f195f07f8df114c026857cccaad0821fed8.tar.bz2 nixpkgs-3e432f195f07f8df114c026857cccaad0821fed8.tar.lz nixpkgs-3e432f195f07f8df114c026857cccaad0821fed8.tar.xz nixpkgs-3e432f195f07f8df114c026857cccaad0821fed8.tar.zst nixpkgs-3e432f195f07f8df114c026857cccaad0821fed8.zip |
Merge pull request #160723 from erictapen/mastodon
mastodon: apply upstream patch for CVE-2022-0432
Diffstat (limited to 'pkgs/servers/mastodon')
-rw-r--r-- | pkgs/servers/mastodon/default.nix | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/pkgs/servers/mastodon/default.nix b/pkgs/servers/mastodon/default.nix index 09d6d0cc105..a173c594c6b 100644 --- a/pkgs/servers/mastodon/default.nix +++ b/pkgs/servers/mastodon/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, nodejs-slim, mkYarnPackage, fetchFromGitHub, bundlerEnv +{ lib, stdenv, nodejs-slim, mkYarnPackage, fetchFromGitHub, fetchpatch, bundlerEnv , yarn, callPackage, imagemagick, ffmpeg, file, ruby_3_0, writeShellScript # Allow building a fork or custom version of Mastodon: @@ -15,6 +15,14 @@ stdenv.mkDerivation rec { # Putting the callPackage up in the arguments list also does not work. src = if srcOverride != null then srcOverride else callPackage ./source.nix {}; + patches = [ + (fetchpatch { + name = "CVE-2022-0432.patch"; + url = "https://github.com/mastodon/mastodon/commit/4d6d4b43c6186a13e67b92eaf70fe1b70ea24a09.patch"; + sha256 = "sha256-C18X2ErBqP/dIEt8NrA7hdiqxUg5977clouuu7Lv4/E="; + }) + ]; + mastodon-gems = bundlerEnv { name = "${pname}-gems-${version}"; inherit version; |