···

       
1
       
1
       
 
       
{ lib, stdenv, fetchurl, lua, pkg-config, nixosTests

     

       
2
       
2
       
-
       
, tcl, which, ps

     

       
2
       
2
       
+
       
, tcl, which, ps, fetchpatch

     

       
3
       
3
       
 
       
, withSystemd ? stdenv.isLinux && !stdenv.hostPlatform.isStatic, systemd

     

       
4
       
4
       
 
       
# dependency ordering is broken at the moment when building with openssl

     

       
5
       
5
       
 
       
, tlsSupport ? !stdenv.hostPlatform.isStatic, openssl

     
···

       
13
       
13
       
 
       
    url = "https://download.redis.io/releases/${pname}-${version}.tar.gz";

     

       
14
       
14
       
 
       
    hash = "sha256-ZwVMw3tYwSXfk714AAJh7A70Q2omtA84Jix4DlYxXMM=";

     

       
15
       
15
       
 
       
  };

     

       
16
       
16
       
+
       


     

       
17
       
17
       
+
       
  patches = [

     

       
18
       
18
       
+
       
    # https://nvd.nist.gov/vuln/detail/CVE-2022-3647

     

       
19
       
19
       
+
       
    (fetchpatch {

     

       
20
       
20
       
+
       
      name = "CVE-2022-3647.patch";

     

       
21
       
21
       
+
       
      url = "https://github.com/redis/redis/commit/0bf90d944313919eb8e63d3588bf63a367f020a3.patch";

     

       
22
       
22
       
+
       
      sha256 = "sha256-R5Tj/bHFTRnvWXiOYvRulqePzU5zvKbGfpO87TLfLWk=";

     

       
23
       
23
       
+
       
    })

     

       
24
       
24
       
+
       
  ];

     

       
16
       
25
       
 
       


     

       
17
       
26
       
 
       
  nativeBuildInputs = [ pkg-config ];

     

       
18
       
27