diff options
author | Alexis Hildebrandt <afh@surryhill.net> | 2022-08-20 10:28:03 +0200 |
---|---|---|
committer | Alexis Hildebrandt <afh@surryhill.net> | 2022-08-20 10:28:03 +0200 |
commit | f2805f293dd95bbc32bd49134263f52d8212508d (patch) | |
tree | d5a72facbecfc044aa5f05c8d7d04b5fc7ff61c1 /pkgs/tools/security/gnupg | |
parent | 1319727ba189afe8fc66e23afaf780d52b38a543 (diff) |
gnupg: Fix regression when using YubiKey devices
as smart cards.
Diffstat (limited to 'pkgs/tools/security/gnupg')
-rw-r--r-- | pkgs/tools/security/gnupg/23.nix | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/pkgs/tools/security/gnupg/23.nix b/pkgs/tools/security/gnupg/23.nix index b93e533e6fd82..af28b4903df25 100644 --- a/pkgs/tools/security/gnupg/23.nix +++ b/pkgs/tools/security/gnupg/23.nix @@ -32,6 +32,14 @@ stdenv.mkDerivation rec { # Patch for DoS vuln from https://seclists.org/oss-sec/2022/q3/27 ./v3-0001-Disallow-compressed-signatures-and-certificates.patch + + # Fix regression when using YubiKey devices as smart cards. + # See https://dev.gnupg.org/T6070 for details. + # Committed upstream, remove this patch when updating to the next release. + (fetchpatch { + url = "https://dev.gnupg.org/rGf34b9147eb3070bce80d53febaa564164cd6c977?diff=1"; + sha256 = "sha256-J/PLSz8yiEgtGv+r3BTGTHrikV70AbbHQPo9xbjaHFE="; + }) ]; postPatch = '' sed -i 's,\(hkps\|https\)://keyserver.ubuntu.com,hkps://keys.openpgp.org,g' configure configure.ac doc/dirmngr.texi doc/gnupg.info-1 |