From ed294a5b36e216f380c53cc817ede613fe5cddde Mon Sep 17 00:00:00 2001 From: Marc Jakobi Date: Tue, 9 Jun 2026 12:13:16 +0200 Subject: [PATCH] neovim-unwrapped: apply CVE-2026-11487.patch (cherry picked from commit fcbcfa55dd1a63fa7bd99eda272080ef9585638d) --- pkgs/by-name/ne/neovim-unwrapped/package.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pkgs/by-name/ne/neovim-unwrapped/package.nix b/pkgs/by-name/ne/neovim-unwrapped/package.nix index 0f0f799d5ccd..ae0c858bf89f 100644 --- a/pkgs/by-name/ne/neovim-unwrapped/package.nix +++ b/pkgs/by-name/ne/neovim-unwrapped/package.nix @@ -2,6 +2,7 @@ lib, stdenv, fetchFromGitHub, + fetchpatch, cmake, gettext, libuv, @@ -123,6 +124,11 @@ stdenv.mkDerivation ( # necessary so that nix can handle `UpdateRemotePlugins` for the plugins # it installs. See https://github.com/neovim/neovim/issues/9413. ./system_rplugin_manifest.patch + (fetchpatch { + name = "CVE-2026-11487.patch"; + url = "https://github.com/neovim/neovim/commit/f83e0dcaf8cf18de94828341b0a1a61a86c75baf.patch"; + hash = "sha256-iWnq0ezbKYJqjvevVlcTJBvUc17ZvrhsanhtuKrh8zM="; + }) ]; inherit lua;