Merge pull request #180351 from helsinki-systems/fix/CVE-2022-30550

dovecot: fix CVE-2022-30550
2022-07-06 20:27:00 +02:00 · 2022-07-06 20:27:00 +02:00 · 2039758aae
parent 1c6752e8b6 6870d49fea
commit 2039758aae
1 changed files with 6 additions and 0 deletions
--- a/pkgs/servers/mail/dovecot/default.nix
+++ b/pkgs/servers/mail/dovecot/default.nix
@ -2,6 +2,7 @@
 , bzip2, zlib, lz4, inotify-tools, pam, libcap, coreutils
 , clucene_core_2, icu, openldap, libsodium, libstemmer, cyrus_sasl
 , nixosTests
+, fetchpatch
 # Auth modules
 , withMySQL ? false, libmysqlclient
 , withPgSQL ? false, postgresql
@ -57,6 +58,11 @@ stdenv.mkDerivation rec {
    # so we can symlink plugins from several packages there.
    # The symlinking needs to be done in NixOS.
    ./2.3.x-module_dir.patch
+    # fix CVE-2022-30550
+    (fetchpatch {
+      url = "https://github.com/dovecot/core/compare/7bad6a24%5E..a1022072.patch";
+      hash = "sha256-aSyRcQreyA9j8QwkODHqPpRuS3vzouVatEWCqhh+r+8=";
+    })
  ];

  configureFlags = [