about summary refs log tree commit diff
path: root/nixpkgs/pkgs/servers/frr/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'nixpkgs/pkgs/servers/frr/default.nix')
-rw-r--r--nixpkgs/pkgs/servers/frr/default.nix10
1 files changed, 10 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/servers/frr/default.nix b/nixpkgs/pkgs/servers/frr/default.nix
index 0ca256f1cbdd..d588fee00483 100644
--- a/nixpkgs/pkgs/servers/frr/default.nix
+++ b/nixpkgs/pkgs/servers/frr/default.nix
@@ -1,6 +1,7 @@
 { lib
 , stdenv
 , fetchFromGitHub
+, fetchpatch
 
 # build time
 , autoreconfHook
@@ -94,6 +95,15 @@ stdenv.mkDerivation rec {
     hash = "sha256-oDPr51vI+tlT1IiUPufmZh/UE0TNKWrn4RqpnGoGxNo=";
   };
 
+  patches = [
+    # fixes crash in OSPF TE parsing
+    (fetchpatch {
+      name = "CVE-2024-27913.patch";
+      url = "https://github.com/FRRouting/frr/commit/541503eecd302d2cc8456167d130014cd2cf1134.patch";
+      hash = "sha256-7NxPlQK/6lbLs/NqNi4OZ2uBWfXw99SiXDR6okNvJlg=";
+    })
+  ];
+
   nativeBuildInputs = [
     autoreconfHook
     bison
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-12 23:46:10 +0000