From 3db773270484fe8df909505e1eb5af04d5c4ddc4 Mon Sep 17 00:00:00 2001
From: Robert Scott <code@humanleg.org.uk>
Date: Wed, 29 Sep 2021 22:04:55 +0100
Subject: wolfssl: add patch for CVE-2021-38597

---
 pkgs/development/libraries/wolfssl/default.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pkgs/development/libraries/wolfssl/default.nix b/pkgs/development/libraries/wolfssl/default.nix
index 9f8c2b3f2908..70e7329afd15 100644
--- a/pkgs/development/libraries/wolfssl/default.nix
+++ b/pkgs/development/libraries/wolfssl/default.nix
@@ -22,6 +22,11 @@ stdenv.mkDerivation rec {
       url = "https://github.com/wolfSSL/wolfssl/commit/822aa92fccf77558e250131c1c6e9bb84d07afe8.patch";
       sha256 = "1n7774hy9ybbxmg8dldqnhw279k7fkxwvw1s2mjjhkzra9w5x2zy";
     })
+    (fetchpatch {
+      name = "CVE-2021-38597.patch";
+      url = "https://github.com/wolfSSL/wolfssl/commit/f93083be72a3b3d956b52a7ec13f307a27b6e093.patch";
+      sha256 = "1b9zxisc15mm1s6sl8dmpaw520hcndymf6b003xpwsb5070xcld0";
+    })
   ];
 
   # almost same as Debian but for now using --enable-all --enable-reproducible-build instead of --enable-distro to ensure options.h gets installed
-- 
cgit v1.2.3