mirror of
https://github.com/NixOS/nixpkgs.git
synced 2026-07-06 17:13:24 -05:00
[Backport release-26.05] perlPackages.BytesRandomSecureTiny: add patch for CVE-2026-11702 (#536001)
This commit is contained in:
commit
4e244187af
1 changed files with 11 additions and 0 deletions
|
|
@ -2907,6 +2907,17 @@ with self;
|
|||
url = "mirror://cpan/authors/id/D/DA/DAVIDO/Bytes-Random-Secure-Tiny-1.011.tar.gz";
|
||||
hash = "sha256-A9lntfgoRpCRN9WrmYSsVwrBCkQB4MYC89IgjEZayYI=";
|
||||
};
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
name = "CVE-2026-11702.patch";
|
||||
url = "https://security.metacpan.org/patches/B/Bytes-Random-Secure-Tiny/1.011/CVE-2026-11702-r1.patch";
|
||||
hash = "sha256-81wvVdtQsF5YeRhjAeaOFa7aE1cgdCni+G28LA7ZLqM=";
|
||||
})
|
||||
];
|
||||
preCheck = ''
|
||||
# Remove test that CVE patch breaks: "Attempt to access disallowed key '_rng' in a restricted hash"
|
||||
rm t/35-mrie-cover.t
|
||||
'';
|
||||
meta = {
|
||||
description = "Tiny Perl extension to generate cryptographically-secure random bytes";
|
||||
license = with lib.licenses; [
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue