summaryrefslogtreecommitdiff
path: root/pkgs/development/python-modules/termplotlib/gnuplot-subprocess.patch
diff options
context:
space:
mode:
authoredef <edef@edef.eu>2023-10-04 19:16:06 +0000
committeredef <edef@edef.eu>2023-10-05 22:04:05 +0000
commit09325d24b685a3ab5507dc906ab4019696d33d59 (patch)
treef8fe2aef2c700bf0e87312125d58601f29a94348 /pkgs/development/python-modules/termplotlib/gnuplot-subprocess.patch
parentad1ca74ffe049eb240b3721d0cf3c5e88682c2a7 (diff)
nixos/security/wrappers: use musl rather than glibc and explicitly unset insecure env vars
This mitigates CVE-2023-4911, crucially without a mass-rebuild. We drop insecure environment variables explicitly, including glibc-specific ones, since musl doesn't do this by default. Change-Id: I591a817e6d4575243937d9ccab51c23a96bed6f9
Diffstat (limited to 'pkgs/development/python-modules/termplotlib/gnuplot-subprocess.patch')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2026-02-04 04:11:29 +0000