diff options
Diffstat (limited to 'pkgs/servers/mail/rspamd/default.nix')
-rw-r--r-- | pkgs/servers/mail/rspamd/default.nix | 32 |
1 files changed, 29 insertions, 3 deletions
diff --git a/pkgs/servers/mail/rspamd/default.nix b/pkgs/servers/mail/rspamd/default.nix index 579a664e637..eb96fa9738e 100644 --- a/pkgs/servers/mail/rspamd/default.nix +++ b/pkgs/servers/mail/rspamd/default.nix @@ -1,6 +1,23 @@ -{ stdenv, lib, fetchFromGitHub, cmake, perl -, glib, luajit, openssl, pcre, pkg-config, sqlite, ragel, icu -, hyperscan, jemalloc, blas, lapack, lua, libsodium +{ stdenv +, lib +, fetchFromGitHub +, fetchpatch2 +, cmake +, perl +, glib +, luajit +, openssl +, pcre +, pkg-config +, sqlite +, ragel +, icu +, hyperscan +, jemalloc +, blas +, lapack +, lua +, libsodium , withBlas ? true , withHyperscan ? stdenv.isx86_64 , withLuaJIT ? stdenv.isx86_64 @@ -20,6 +37,15 @@ stdenv.mkDerivation rec { hash = "sha256-GuWuJK73RE+cS8451m+bcmpZNQEzmZtexm19xgdDQeU="; }; + patches = [ + # Fix leak in `gzip` function + # https://github.com/rspamd/rspamd/issues/4564 + (fetchpatch2 { + url = "https://github.com/rspamd/rspamd/commit/ffbab4fbf218514845b8e5209aec044621b1f460.patch"; + hash = "sha256-ltkC/mZcYmGoSFILaTTRB/UWSn36flEbuJP4Buys05Y="; + }) + ]; + hardeningEnable = [ "pie" ]; nativeBuildInputs = [ cmake pkg-config perl ]; |