Merge pull request #204876 from LeSuisse/ssm-agent-CVE-2022-29527

ssm-agent: apply patch for CVE-2022-29527
2025-02-26 05:57:28 +00:00 · 2022-12-08 00:27:17 +00:00 · 2022-12-08 00:27:17 +00:00 · 48bcb76e66
commit 48bcb76e66
parent b818d8a9b3 2145ef28e2
1 changed files with 7 additions and 0 deletions
--- a/pkgs/applications/networking/cluster/ssm-agent/default.nix
+++ b/pkgs/applications/networking/cluster/ssm-agent/default.nix
@ -3,6 +3,7 @@
 , buildGoPackage
 , makeWrapper
 , fetchFromGitHub
+, fetchpatch
 , coreutils
 , nettools
 , dmidecode
@ -47,6 +48,12 @@ buildGoPackage rec {
    # They used constants from another package that I couldn't figure
    # out how to resolve, so hardcoded the constants.
    ./0002-version-gen-don-t-use-unnecessary-constants.patch
+
+    (fetchpatch {
+      name = "CVE-2022-29527.patch";
+      url = "https://github.com/aws/amazon-ssm-agent/commit/0fe8ae99b2ff25649c7b86d3bc05fc037400aca7.patch";
+      sha256 = "sha256-5g14CxhsHLIgs1Vkfw8FCKEJ4AebNqZKf3ZzoAN/T9U=";
+    })
  ];

  preConfigure = ''