From 2de13398e6a14c44afe0419428ddc6d78730b61e Mon Sep 17 00:00:00 2001 From: stuebinm Date: Mon, 1 Jul 2024 14:47:37 +0200 Subject: [PATCH] update nixpkgs-unstable-small this includes the fix for a remote code excecution as root https://github.com/NixOS/nixpkgs/pull/323761 (probably CVE-2024-6387) annoyingly it did not bump the version number (to check that the fix is indeed there, one has to check wich patches are applied). it also adds nextcloud to the permitteed insecure packages because we again didn't update it in time (in fairness, it is also broken). fun irony! --- flake.lock | 6 +++--- flake.nix | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 22ac0b6..4db77f0 100644 --- a/flake.lock +++ b/flake.lock @@ -89,11 +89,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1719176307, - "narHash": "sha256-r8eUJqKlq2xQmK95s1Q9+OwV6Py/pPbDN8T6V4GLP8E=", + "lastModified": 1719825363, + "narHash": "sha256-2ASBatUTQWNIiTeBZRuxROu27MyOavVnzeCv7h40QNw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5defcb4b0d6c286e8b4b2869cf38efb4cdeb5bf4", + "rev": "10c832d0548e9e3a6df7eb51e68c2783212a303e", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index e49f0ef..ec1d631 100644 --- a/flake.nix +++ b/flake.nix @@ -38,6 +38,7 @@ sources = inputs; system = "x86_64-linux"; config.allowUnfree = true; + config.permittedInsecurePackages = [ "nextcloud-27.1.11" ]; }; in { nixosConfigurations.parsons = nixpkgs.lib.nixosSystem {