Merge pull request #307206 from LeSuisse/octoprint-CVE-2024-28237-23.11

[23.11] octoprint: apply patch for CVE-2024-28237
NixOS · Apr 28, 2024 · 06347bf · 06347bf
2 parents 96f84e8 + 887d63e
commit 06347bf
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/pkgs/applications/misc/octoprint/default.nix b/pkgs/applications/misc/octoprint/default.nix
@@ -4,6 +4,7 @@
 , lib
 , fetchFromGitHub
 , fetchPypi
+, fetchpatch
 , python3
 , substituteAll
 , nix-update-script
@@ -188,6 +189,13 @@ let
                   src = ./ffmpeg-path.patch;
                   ffmpeg = "${pkgs.ffmpeg}/bin/ffmpeg";
                 })
+
+                (fetchpatch {
+                  # https://github.com/OctoPrint/OctoPrint/security/advisories/GHSA-x7mf-wrh9-r76c
+                  name = "CVE-2024-28237.patch";
+                  url = "https://github.com/OctoPrint/OctoPrint/commit/779894c1bc6478332d14bc9ed1006df1354eb517.patch";
+                  hash = "sha256-JtZSEbzkvVl1yz1fjJN1BCVIRSx3ZiLsj01dh+xchyM=";
+                })
               ];
 
               postPatch =