From b0816236849483d6c2493fd876ac362580be52b3 Mon Sep 17 00:00:00 2001
From: Weijia Wang <9713184+wegank@users.noreply.github.com>
Date: Wed, 10 Apr 2024 07:30:37 +0200
Subject: [PATCH] guix: add patch for CVE-2024-27297
---
 pkgs/by-name/gu/guix/package.nix | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
diff --git a/pkgs/by-name/gu/guix/package.nix b/pkgs/by-name/gu/guix/package.nix
index 6549a9b8e276..8f9e4e4836b9 100644
--- a/pkgs/by-name/gu/guix/package.nix
+++ b/pkgs/by-name/gu/guix/package.nix
@@ -1,6 +1,7 @@
 { lib
 , stdenv
 , fetchurl
+, fetchpatch
 , autoreconfHook
 , disarchive
 , git
@@ -43,6 +44,19 @@ stdenv.mkDerivation rec {
 hash = "sha256-Q8dpy/Yy7wVEmsH6SMG6FSwzSUxqvH5HE3u6eyFJ+KQ=";
 };
 
+ patches = [
+ (fetchpatch {
+ name = "CVE-2024-27297_1.patch";
+ url = "https://git.savannah.gnu.org/cgit/guix.git/patch/?id=8f4ffb3fae133bb21d7991e97c2f19a7108b1143";
+ hash = "sha256-xKo1h2uckC2pYHt+memekagfL6dWcF8gOnTOOW/wJUU=";
+ })
+ (fetchpatch {
+ name = "CVE-2024-27297_2.patch";
+ url = "https://git.savannah.gnu.org/cgit/guix.git/patch/?id=ff1251de0bc327ec478fc66a562430fbf35aef42";
+ hash = "sha256-f4KWDVrvO/oI+4SCUHU5GandkGtHrlaM1BWygM/Qlao=";
+ })
+ ];
+
 postPatch = ''
 sed nix/local.mk -i -E \
 -e "s|^sysvinitservicedir = .*$|sysvinitservicedir = $out/etc/init.d|" \
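Review bot: The `patches` list added in the `@@ -43,6 +44,19 @@` hunk has no comment saying what the two upstream commits address or when they can be removed; the `name` fields are the only pointer to CVE-2024-27297. A line above the list such as `# Upstream fixes for CVE-2024-27297; drop both once the packaged release contains 8f4ffb3fae13 and ff1251de0bc3.` would keep a later version bump from carrying stale patches or dropping them before the fix is in the release. Both fetches are pinned by `hash`, so a changed response from the cgit `patch/?id=` endpoint fails the build rather than altering the applied fix. The enclosing `stdenv.mkDerivation rec {` block starts and ends outside the hunk.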