Diffstat (limited to 'pkgs/development/libraries/mbedtls')
-rw-r--r--pkgs/development/libraries/mbedtls/2.nix4
-rw-r--r--pkgs/development/libraries/mbedtls/3.nix10
-rw-r--r--pkgs/development/libraries/mbedtls/generic.nix3
3 files changed, 14 insertions, 3 deletions
diff --git a/pkgs/development/libraries/mbedtls/2.nix b/pkgs/development/libraries/mbedtls/2.nix
index 97d62fad3ced1..42fb6edae78f2 100644
--- a/pkgs/development/libraries/mbedtls/2.nix
+++ b/pkgs/development/libraries/mbedtls/2.nix
@@ -1,6 +1,6 @@
 { callPackage }:
 
 callPackage ./generic.nix {
-  version = "2.28.7";
-  hash = "sha256-JI0Frbz4HkPqrLQNrSIj1ikN8201h4kd1wTwyPotERw=";
+  version = "2.28.8";
+  hash = "sha256-A1DYZrvJ8SRujroVwqPfcTOSgLnT5xRat/RVdq2fL/o=";
 }
diff --git a/pkgs/development/libraries/mbedtls/3.nix b/pkgs/development/libraries/mbedtls/3.nix
index 267349ac5d7be..abba77308a61c 100644
--- a/pkgs/development/libraries/mbedtls/3.nix
+++ b/pkgs/development/libraries/mbedtls/3.nix
@@ -1,6 +1,14 @@
-{ callPackage }:
+{ callPackage, fetchpatch }:
 
 callPackage ./generic.nix {
   version = "3.5.2";
   hash = "sha256-lVGmnSYccNmRS6vfF/fDiny5cYRPc/wJBpgciFLPUvM=";
+
+  patches = [
+    (fetchpatch {
+      name = "CVE-2024-28755.patch";
+      url = "https://github.com/Mbed-TLS/mbedtls/commit/ad736991bb59211118a29fe115367c24495300c2.patch";
+      hash = "sha256-MUnGT2ptlBikpZYL6+cvoF7fOiD2vMK4cbkgevgyl60=";
+    })
+  ];
 }
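Review bot: The new `patches` list in 3.nix has no comment saying why 3.5.2 is patched in place rather than bumped, or when the entry can be dropped. Someone doing the next version bump has to work that out from the CVE name and the commit URL alone. I would add a comment above the `fetchpatch` call, such as `# Upstream fix for CVE-2024-28755, applied on top of 3.5.2; remove once version moves to a release that contains commit ad736991bb59.` The fixed-output `hash` already pins the fetched patch content, so integrity of the download is covered. Whether 3.5.2 needs other security fixes cannot be told from this hunk and is worth confirming against the upstream advisories.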
diff --git a/pkgs/development/libraries/mbedtls/generic.nix b/pkgs/development/libraries/mbedtls/generic.nix
index 2e79a593b7c31..045f59b269eda 100644
--- a/pkgs/development/libraries/mbedtls/generic.nix
+++ b/pkgs/development/libraries/mbedtls/generic.nix
@@ -3,6 +3,7 @@
 , version
 , hash
 , fetchFromGitHub
+, patches ? []
 
 , cmake
 , ninja
@@ -23,6 +24,8 @@ stdenv.mkDerivation rec {
     inherit hash;
   };
 
+  inherit patches;
+
   nativeBuildInputs = [ cmake ninja perl python3 ];
 
   strictDeps = true;