alioth/nixpkgs
3
0
Fork 0
forked from mirrors/nixpkgs
Code Releases Activity

phpPackages.composer: apply patch for CVE-2024-24821

Browse source 
Upgrade to the 2.7.x branch needs some work (see #288574), let's patch
the security issue in the meantime.
This commit is contained in:
Thomas Gerbet 2024-02-14 20:46:32 +01:00
parent c92140986f
commit 2ed28e8f2d
1 changed files with 13 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
pkgs/development/php-packages/composer/default.nix
View file

@ -1,4 +1,4 @@
{ lib, callPackage, fetchFromGitHub, php, unzip, _7zz, xz, git, curl, cacert, makeBinaryWrapper }:
{ lib, callPackage, fetchFromGitHub, fetchpatch, php, unzip, _7zz, xz, git, curl, cacert, makeBinaryWrapper }:
php.buildComposerProject (finalAttrs: {
# Hash used by ../../../build-support/php/pkgs/composer-phar.nix to
@ -22,6 +22,18 @@ php.buildComposerProject (finalAttrs: {
hash = "sha256-KsTZi7dSlQcAxoen9rpofbptVdLYhK+bZeDSXQY7o5M=";
};
patches = [
(fetchpatch {
name = "CVE-2024-24821.patch";
url = "https://github.com/composer/composer/commit/77e3982918bc1d886843dc3d5e575e7e871b27b7.patch";
hash = "sha256-Q7gkPLf59+p++DpfJZeOrAOiWePuGkdGYRaS/rK+Nv4=";
excludes = [
# Skipping test files, they are not included in the source tarball
"tests/*"
];
})
];
nativeBuildInputs = [ makeBinaryWrapper ];
postInstall = ''