Merge pull request #289685 from dotlambda/ceph-cryptography

ceph: fix cryptography override
2024-02-19 06:03:10 +00:00 · 2024-02-19 06:03:10 +00:00 · 711b0df692
commit 711b0df692
parent aa4e6947d2 b06ebb2cf3
1 changed files with 1 additions and 1 deletions
--- a/pkgs/tools/filesystems/ceph/default.nix
+++ b/pkgs/tools/filesystems/ceph/default.nix
@ -195,7 +195,7 @@ let
          hash = "sha256-gFfDTc2QWBWHBCycVH1dYlCsWQMVcRZfOBIau+njtDU=";
        };

-        patches = (old.patches or []) ++ [
+        patches = [
          # Fix https://nvd.nist.gov/vuln/detail/CVE-2023-49083 which has no upstream backport.
          # See https://github.com/pyca/cryptography/commit/f09c261ca10a31fe41b1262306db7f8f1da0e48a#diff-f5134bf8f3cf0a5cc8601df55e50697acc866c603a38caff98802bd8e17976c5R1893
          ./python-cryptography-Cherry-pick-fix-for-CVE-2023-49083-on-cryptography-40.patch