summaryrefslogtreecommitdiffstats
path: root/makefu/2configs
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2016-02-18 22:14:16 +0100
committermakefu <github@syntax-fehler.de>2016-02-18 22:14:16 +0100
commit74cfe87654638106f2d2a1a698814b41c2e904f2 (patch)
treec7613d3d4a3296e2070559b4487138200f2f6ab9 /makefu/2configs
parent54dc51d341f5a3b253341a20a4e35b1ed03a3244 (diff)
ma 2 default: apply cve-2015-7547 hotfix
Diffstat (limited to 'makefu/2configs')
-rw-r--r--makefu/2configs/default.nix7
1 files changed, 7 insertions, 0 deletions
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index 83018e9f8..3043a1af3 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -4,6 +4,13 @@ with config.krebs.lib;
{
system.stateVersion = "15.09";
+ system.replaceRuntimeDependencies = with pkgs.lib;
+ [{original = pkgs.glibc; replacement = pkgs.stdenv.lib.overrideDerivation pkgs.glibc (oldAttr: { patches = oldAttr.patches ++
+ [(pkgs.fetchurl { url = "https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/development/libraries/glibc/cve-2015-7547.patch";
+ sha256 = "0awpc4rp2x27rjpj83ps0rclmn73hsgfv2xxk18k82w4hdxqpp5r";})];
+ });}
+ ];
+
imports = [
{
users.extraUsers =