We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 04a8958 commit 6aa50d0Copy full SHA for 6aa50d0
pkgs/tools/compression/xz/default.nix
@@ -11,10 +11,13 @@
11
12
stdenv.mkDerivation (finalAttrs: {
13
pname = "xz";
14
- version = "5.4.6";
+ version = "5.4.6"; # Beware of CVE-2024-3094 and related risks!!!
15
16
src = fetchurl {
17
- url = with finalAttrs; "https://github.com/tukaani-project/xz/releases/download/v${version}/xz-${version}.tar.bz2";
+ url = with finalAttrs;
18
+ # The original URL has been taken down.
19
+ # "https://github.com/tukaani-project/xz/releases/download/v${version}/xz-${version}.tar.bz2";
20
+ "mirror://sourceforge/lzmautils/xz-${version}.tar.bz2";
21
sha256 = "sha256-kThRsnTo4dMXgeyUnxwj6NvPDs9uc6JDbcIXad0+b0k=";
22
};
23
0 commit comments