about summary refs log tree commit diff
path: root/pkgs/by-name/gu/guix/package.nix
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/by-name/gu/guix/package.nix')
-rw-r--r--pkgs/by-name/gu/guix/package.nix14
1 files changed, 14 insertions, 0 deletions
diff --git a/pkgs/by-name/gu/guix/package.nix b/pkgs/by-name/gu/guix/package.nix
index 6549a9b8e2763..8f9e4e4836b95 100644
--- a/pkgs/by-name/gu/guix/package.nix
+++ b/pkgs/by-name/gu/guix/package.nix
@@ -1,6 +1,7 @@
 { lib
 , stdenv
 , fetchurl
+, fetchpatch
 , autoreconfHook
 , disarchive
 , git
@@ -43,6 +44,19 @@ stdenv.mkDerivation rec {
     hash = "sha256-Q8dpy/Yy7wVEmsH6SMG6FSwzSUxqvH5HE3u6eyFJ+KQ=";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2024-27297_1.patch";
+      url = "https://git.savannah.gnu.org/cgit/guix.git/patch/?id=8f4ffb3fae133bb21d7991e97c2f19a7108b1143";
+      hash = "sha256-xKo1h2uckC2pYHt+memekagfL6dWcF8gOnTOOW/wJUU=";
+    })
+    (fetchpatch {
+      name = "CVE-2024-27297_2.patch";
+      url = "https://git.savannah.gnu.org/cgit/guix.git/patch/?id=ff1251de0bc327ec478fc66a562430fbf35aef42";
+      hash = "sha256-f4KWDVrvO/oI+4SCUHU5GandkGtHrlaM1BWygM/Qlao=";
+    })
+  ];
+
   postPatch = ''
     sed nix/local.mk -i -E \
       -e "s|^sysvinitservicedir = .*$|sysvinitservicedir = $out/etc/init.d|" \
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-04 21:04:14 +0000