diff --git a/pkgs/by-name/dn/dnsmasq/CVE-2026-6507.patch b/pkgs/by-name/dn/dnsmasq/CVE-2026-6507.patch deleted file mode 100644 index 62249150aa3b..000000000000 --- a/pkgs/by-name/dn/dnsmasq/CVE-2026-6507.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 9ad74926d4f7f34ff902e1db5235535aa813c33f Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Mon, 6 Apr 2026 22:22:43 +0100 -Subject: [PATCH] Fix 1-byte buffer overflow in relay_reply4() - -Potential SIGSEGV when using DHCPv4-relay. - -Thanks to Asim Viladi Oglu Manizada for finding this. ---- - src/rfc2131.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/rfc2131.c b/src/rfc2131.c -index 7bdfefd..55aad03 100644 ---- a/src/rfc2131.c -+++ b/src/rfc2131.c -@@ -3248,7 +3248,7 @@ unsigned int relay_reply4(struct dhcp_packet *mess, size_t sz, char *arrival_int - - /* delete agent info before return RFC 3046 para 2.1 */ - *opt = OPTION_END; -- memset(opt + 1, 0, option_len(opt) + 2); -+ memset(opt + 1, 0, option_len(opt) + 1); - } - } - else if (mess->giaddr.s_addr == relay->local.addr4.s_addr) --- -2.20.1 - diff --git a/pkgs/by-name/dn/dnsmasq/package.nix b/pkgs/by-name/dn/dnsmasq/package.nix index 6665b9776527..c46aee2aebeb 100644 --- a/pkgs/by-name/dn/dnsmasq/package.nix +++ b/pkgs/by-name/dn/dnsmasq/package.nix @@ -30,18 +30,13 @@ let in stdenv.mkDerivation (finalAttrs: { pname = "dnsmasq"; - version = "2.92rel2"; + version = "2.93"; src = fetchurl { url = "https://www.thekelleys.org.uk/dnsmasq/dnsmasq-${finalAttrs.version}.tar.xz"; - hash = "sha256-Q9crjBKb3zPRe6/tyYgj9j5GtQBRKAZr8NKkcqMs4Go="; + hash = "sha256-DADU5cl8gwbl+5MrNIs0JpycKaDn3w6OgpWLQHCSvBk="; }; - patches = [ - # https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=patch;h=9ad74926d4f7f34ff902e1db5235535aa813c33f - ./CVE-2026-6507.patch - ]; - postPatch = lib.optionalString stdenv.hostPlatform.isLinux '' sed '1i#include ' -i src/dhcp.c '';