cosign: 1.5.1 -> 1.5.2

Fixes CVE-2022-23649. https://github.com/sigstore/cosign/security/advisories/GHSA-ccxc-vr6p-4858
2024-11-24 16:03:23 +00:00 · 2022-02-19 10:26:45 +01:00 · 2022-02-19 10:26:45 +01:00 · 95fbeff9ac
commit 95fbeff9ac
parent 62aa918237
1 changed files with 2 additions and 2 deletions
--- a/pkgs/tools/security/cosign/default.nix
+++ b/pkgs/tools/security/cosign/default.nix
@ -2,13 +2,13 @@

 buildGoModule rec {
  pname = "cosign";
-  version = "1.5.1";
+  version = "1.5.2";

  src = fetchFromGitHub {
    owner = "sigstore";
    repo = pname;
    rev = "v${version}";
-    sha256 = "sha256-hQFkbHOmtk0SqFSPw1+5nCvjq9cKsGzFPtK4jXDrubQ=";
+    sha256 = "sha256-37jahAGgQn7HwwdRTlAS/oJQ3BxTkMViI6iJMBYFgjI=";
  };

  buildInputs = lib.optional (stdenv.isLinux && pivKeySupport) (lib.getDev pcsclite)