limesurvey: 5.6.9+230306 -> 6.1.2+230606, unmark broken (0b80a5bf) · Commits · nix / nixpkgs

Changelog: https://github.com/LimeSurvey/LimeSurvey/blob/6.1.2%2B230606/docs/release_notes.txt This upgrade contains security fixes: * XSS issue in notification email address * Issue in CSV user export * Removed vulnerable example files * Administrator can change his own password without entering the existing one * Unsafe way to detect IP address against brute-force attacks

pkgs/servers/limesurvey/default.nix

+2 −3

Original line number	Diff line number	Diff line
		@@ -2,13 +2,13 @@

		stdenv.mkDerivation rec {
		pname = "limesurvey";
		version = "5.6.9+230306";
		version = "6.1.2+230606";

		src = fetchFromGitHub {
		owner = "LimeSurvey";
		repo = "LimeSurvey";
		rev = version;
		hash = "sha256-FBcpP9Zb4flr1AZlocRW8xx9UCXJAU9aaGXcWQE6iWc=";
		hash = "sha256-a89Kdr9XV1TSCoWxYrU0j8ec7rAcIlU/bgLtRjdzqbg=";
		};

		phpConfig = writeText "config.php" ''
		@@ -37,6 +37,5 @@ stdenv.mkDerivation rec {
		homepage = "https://www.limesurvey.org";
		maintainers = with maintainers; [offline];
		platforms = with platforms; unix;
		broken = true; # Not compatible with PHP 8.1
		};
		}

Admin message