ssm-agent: apply patch for CVE-2022-29527

2024-11-28 01:43:15 +00:00 · 2022-12-05 18:55:16 +01:00 · 2022-12-05 18:55:16 +01:00 · 2145ef28e2
commit 2145ef28e2
parent 6b5cf5342e
1 changed files with 7 additions and 0 deletions
--- a/pkgs/applications/networking/cluster/ssm-agent/default.nix
+++ b/pkgs/applications/networking/cluster/ssm-agent/default.nix
@ -3,6 +3,7 @@
 , buildGoPackage
 , makeWrapper
 , fetchFromGitHub
+, fetchpatch
 , coreutils
 , nettools
 , dmidecode
@ -47,6 +48,12 @@ buildGoPackage rec {
    # They used constants from another package that I couldn't figure
    # out how to resolve, so hardcoded the constants.
    ./0002-version-gen-don-t-use-unnecessary-constants.patch
+
+    (fetchpatch {
+      name = "CVE-2022-29527.patch";
+      url = "https://github.com/aws/amazon-ssm-agent/commit/0fe8ae99b2ff25649c7b86d3bc05fc037400aca7.patch";
+      sha256 = "sha256-5g14CxhsHLIgs1Vkfw8FCKEJ4AebNqZKf3ZzoAN/T9U=";
+    })
  ];

  preConfigure = ''