diff options
| author | Thomas Gerbet <thomas@gerbet.me> | 2024-04-17 00:42:20 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-04-17 00:42:20 +0200 |
| commit | c244fd66eb9abd3074f645bee52def4a3baedb50 (patch) | |
| tree | 08b136f253609a017518c6949004a4b80153bdd2 | |
| parent | 6199d51ba666ca6c2b9a860b30a39b1b2f4f1434 (diff) | |
| parent | cf564bcd0d8bb9a70a6c0ba38f9e723ddb86eae3 (diff) | |
Merge pull request #304367 from risicle/ris-blosc2-CVE-2024-3203-CVE-2024-3204-r23.11
[23.11] python311Packages.blosc2: add patches for CVE-2024-3203 & CVE-2024-3204
| -rw-r--r-- | pkgs/development/python-modules/blosc2/default.nix | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/pkgs/development/python-modules/blosc2/default.nix b/pkgs/development/python-modules/blosc2/default.nix index a4c1db3d7b700..075de1ea28739 100644 --- a/pkgs/development/python-modules/blosc2/default.nix +++ b/pkgs/development/python-modules/blosc2/default.nix @@ -1,6 +1,7 @@ { lib , buildPythonPackage , fetchFromGitHub +, fetchpatch # build-system , cmake @@ -37,6 +38,23 @@ buildPythonPackage rec { hash = "sha256-5a94Zm6sYl/nSfkcFbKG7PkyXwLB6bAoIvfaq0yVGHo="; }; + patches = [ + (fetchpatch { + name = "CVE-2024-3203.CVE-2024-3204.part-1.patch"; + url = "https://github.com/Blosc/c-blosc2/commit/892f6d9c8ffc6e3c4d571df8fc02114f88c69b52.patch"; + stripLen = 1; + extraPrefix = "blosc2/c-blosc2/"; + hash = "sha256-sNgDcdT9HFrx41VKohp4GNUEjM1sqLYkIZu4baKRMeI="; + }) + (fetchpatch { + name = "CVE-2024-3203.CVE-2024-3204.part-2.patch"; + url = "https://github.com/Blosc/c-blosc2/commit/9cc79a79373f1b338b2e029e2e489b4e7971cd0c.patch"; + stripLen = 1; + extraPrefix = "blosc2/c-blosc2/"; + hash = "sha256-J/zcyNrxQr43+ROhDDQFmUJZQSTwo9qDuLwZeLd/ooo="; + }) + ]; + postPatch = '' substituteInPlace requirements-runtime.txt \ --replace "pytest" "" |