corosync: apply patch for CVE-2025-30472

Related issue: https://github.com/corosync/corosync/issues/778 (cherry picked from commit c99fae3a0fe224de2a86ee2e84f6a64c5c93472c)
author: Thomas Gerbet <thomas@gerbet.me> 2025-06-28 17:02:44 +0200
committer: github-actions[bot] <github-actions[bot]@users.noreply.github.com> 2025-08-08 07:29:55 +0000
commit: c8b7490123500600394b72cdff1b69df0f660d94 (patch)
tree: a83276d1d76e5f9f1af1791e85e016b2a4d4180b
parent: [Backport release-25.05] firefox-bin-unwrapped: 141.0.2 -> 141.0.3 (#431910) (diff)
download: nixpkgs-c8b7490123500600394b72cdff1b69df0f660d94.tar.gz
1 files changed, 9 insertions, 0 deletions
diff --git a/pkgs/by-name/co/corosync/package.nix b/pkgs/by-name/co/corosync/package.nix
index 6225fa443c8e..d640734c7b51 100644
--- a/pkgs/by-name/co/corosync/package.nix
+++ b/pkgs/by-name/co/corosync/package.nix
@@ -2,6 +2,7 @@
   lib,
   stdenv,
   fetchurl,
+  fetchpatch2,
   makeWrapper,
   pkg-config,
   kronosnet,
@@ -32,6 +33,14 @@ stdenv.mkDerivation rec {
     sha256 = "sha256-IDNUu93uGpezxQoHbq6JxjX0Bt1nTMrvyUu5CSrNlTU=";
   };
 
+  patches = [
+    (fetchpatch2 {
+      name = "CVE-2025-30472.patch";
+      url = "https://github.com/corosync/corosync/commit/7839990f9cdf34e55435ed90109e82709032466a.patch??full_index=1";
+      hash = "sha256-EgGTfOM9chjLnb1QWNGp6IQQKQGdetNkztdddXlN/uo=";
+    })
+  ];
+
   nativeBuildInputs = [
     makeWrapper
     pkg-config
author	Thomas Gerbet <thomas@gerbet.me>	2025-06-28 17:02:44 +0200
committer	github-actions[bot] <github-actions[bot]@users.noreply.github.com>	2025-08-08 07:29:55 +0000
commit	c8b7490123500600394b72cdff1b69df0f660d94 (patch)
tree	a83276d1d76e5f9f1af1791e85e016b2a4d4180b
parent	[Backport release-25.05] firefox-bin-unwrapped: 141.0.2 -> 141.0.3 (#431910) (diff)
download	nixpkgs-c8b7490123500600394b72cdff1b69df0f660d94.tar.gz