Diffstat (limited to 'nixpkgs/pkgs/tools/package-management/nix/default.nix')
-rw-r--r--nixpkgs/pkgs/tools/package-management/nix/default.nix27
1 files changed, 24 insertions, 3 deletions
diff --git a/nixpkgs/pkgs/tools/package-management/nix/default.nix b/nixpkgs/pkgs/tools/package-management/nix/default.nix
index c3f970f78fb3..92c988ea5d08 100644
--- a/nixpkgs/pkgs/tools/package-management/nix/default.nix
+++ b/nixpkgs/pkgs/tools/package-management/nix/default.nix
@@ -17,8 +17,19 @@ let
   boehmgc-nix_2_3 = boehmgc.override { enableLargeConfig = true; };
 
   boehmgc-nix = boehmgc-nix_2_3.overrideAttrs (drv: {
-    # Part of the GC solution in https://github.com/NixOS/nix/pull/4944
-    patches = (drv.patches or [ ]) ++ [ ./patches/boehmgc-coroutine-sp-fallback.patch ];
+    patches = (drv.patches or [ ]) ++ [
+      # Part of the GC solution in https://github.com/NixOS/nix/pull/4944
+      ./patches/boehmgc-coroutine-sp-fallback.patch
+
+      # Required since 2.20, and has always been a valid change
+      # Awaiting 8.2 patch release of https://github.com/ivmai/bdwgc/commit/d1d4194c010bff2dc9237223319792cae834501c
+      # or master release of https://github.com/ivmai/bdwgc/commit/86b3bf0c95b66f718c3cb3d35fd7387736c2a4d7
+      (fetchpatch {
+        name = "boehmgc-traceable_allocator-public.diff";
+        url = "https://github.com/NixOS/nix/raw/2.20.0/dep-patches/boehmgc-traceable_allocator-public.diff";
+        hash = "sha256-FLsHY/JS46neiSyyQkVpbHZEFvWSCzWrFQu1CC71sh4=";
+      })
+    ];
   });
 
   # old nix fails to build with newer aws-sdk-cpp and the patch doesn't apply
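Review bot: The `fetchpatch` URL in the new `patches` list points at the tag `2.20.0`, which is a mutable ref. The `hash` makes a changed file fail the build rather than slip through, but a later refetch would break if the tag moves or the file is dropped. Pinning the URL to the commit behind the tag, e.g. `https://github.com/NixOS/nix/raw/<commit-of-2.20.0>/dep-patches/boehmgc-traceable_allocator-public.diff` (placeholder), ties source and hash to one immutable object. `fetchpatch` must also be among this file's function arguments, which lie outside the hunk.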
@@ -156,6 +167,7 @@ in lib.makeExtensible (self: ({
     hash = "sha256-EK0pgHDekJFqr0oMj+8ANIjq96WPjICe2s0m4xkUdH4=";
     patches = [
       patch-monitorfdhup
+      ./patches/2_3/CVE-2024-27297.patch
     ];
     maintainers = with lib.maintainers; [ flokli raitobezarius ];
   }).override { boehmgc = boehmgc-nix_2_3; };
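Review bot: The `./patches/2_3/CVE-2024-27297.patch` entry has no comment saying where the backport came from, and the patch file is not part of this view, so a reader cannot tell which upstream change it corresponds to. The same applies to the `2_18` and `2_19` entries in the next hunk. A one-line comment above each, such as `# Backport of the upstream CVE-2024-27297 fix: <upstream PR or commit URL>` (placeholder), would let the next maintainer verify the backport and know when it can be dropped. The enclosing attribute set starts outside the hunk.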
@@ -234,12 +246,21 @@ in lib.makeExtensible (self: ({
     hash = "sha256-WNmifcTsN9aG1ONkv+l2BC4sHZZxtNKy0keqBHXXQ7w=";
     patches = [
       patch-rapidcheck-shared
+      ./patches/2_18/CVE-2024-27297.patch
     ];
   };
 
   nix_2_19 = common {
     version = "2.19.3";
     hash = "sha256-EtL6M0H5+0mFbFh+teVjm+0B+xmHoKwtBvigS5NMWoo=";
+    patches = [
+      ./patches/2_19/CVE-2024-27297.patch
+    ];
+  };
+
+  nix_2_20 = common {
+    version = "2.20.5";
+    hash = "sha256-bfFe38BkoQws7om4gBtBWoNTLkt9piMXdLLoHYl+vBQ=";
   };
 
   # The minimum Nix version supported by Nixpkgs
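Review bot: `nix_2_20` is added without a `CVE-2024-27297` patch while 2.3, 2.18 and 2.19 each gain one, and nothing in the hunk says why. Presumably 2.20.5 already contains the fix, but that should be confirmed against the upstream release. Since `unstable` is switched to this version in the last hunk, a comment above `version = "2.20.5";` such as `# CVE-2024-27297 is fixed upstream in this release; no local patch needed` would make the omission visibly deliberate.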
@@ -261,7 +282,7 @@ in lib.makeExtensible (self: ({
 
   stable = addFallbackPathsCheck self.nix_2_18;
 
-  unstable = self.nix_2_19;
+  unstable = self.nix_2_20;
 } // lib.optionalAttrs config.allowAliases {
   nix_2_4 = throw "nixVersions.nix_2_4 has been removed";