
colly: 2019-02-04 → 2023-10-20

Open fabianhjr opened this issue 1 year ago • 3 comments

Addresses CVE-2020-25614 via unreleased colly change:

https://github.com/gocolly/colly/pull/582/commits/cc4edb507a0459d5012dbe6c80def9374059524c

https://nvd.nist.gov/vuln/detail/CVE-2020-25614 CVSS 9.8 Critical: SIGSEGV / Denial of Service

fabianhjr avatar Feb 16 '24 18:02 fabianhjr

tested via

--- a/pkgs/tools/security/keybase/default.nix
+++ b/pkgs/tools/security/keybase/default.nix
@@ -5,7 +5,7 @@
 
 buildGoModule rec {
   pname = "keybase";
-  version = "6.2.4";
+  version = "6.3.0-8ed5dc852f2b5778ef25df939ad058c98847e6f4";
 
   modRoot = "go";
   subPackages = [ "kbnm" "keybase" ];
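Review bot: the new `version = "6.3.0-8ed5dc852f2b5778ef25df939ad058c98847e6f4";` carries a `6.3.0` prefix although the source is fetched by bare commit rather than by a `v6.3.0` tag, and it embeds the full 40-character hash, which does not sort against later snapshots and ends up in the package name. Consider a date-based suffix for the untagged snapshot (for example the `unstable-YYYY-MM-DD` style used elsewhere in nixpkgs) and keep the commit only in `rev`.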
@@ -15,10 +15,10 @@ buildGoModule rec {
   src = fetchFromGitHub {
     owner = "keybase";
     repo = "client";
-    rev = "v${version}";
-    hash = "sha256-z7vpCUK+NU7xU9sNBlQnSy9sjXD7/m8jSRKfJAgyyN8=";
+    rev = "8ed5dc852f2b5778ef25df939ad058c98847e6f4";
+    hash = "sha256-lpOSb9M1Vvo2nSkC4N0VLP7xuQI48HHZSRdrAXwlbeI=";
   };
-  vendorHash = "sha256-tXEEVEfjoKub2A4m7F3hDc5ABJ+R+axwX1+1j7e3BAM=";
+  vendorHash = "sha256-q+faWcXdPoY0MEmJF2HLFRU+2zhhGtWArG3MrmLyw50=";
 
   patches = [
     (substituteAll {
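Review bot: in `fetchFromGitHub`, `rev` is now a hard-coded commit that repeats the hash already written into `version`, so the two can drift apart on the next bump, and nothing in the expression says why an untagged commit is pinned. Add a short comment next to `rev` naming the reason (the colly bump for CVE-2020-25614) and noting that it should return to `rev = "v${version}";` once upstream tags a release that contains the change.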

fabianhjr avatar Feb 16 '24 22:02 fabianhjr

Builds / compiles, no functionality tested.

fabianhjr avatar Feb 16 '24 22:02 fabianhjr

/cc @chrisnojima / @joshblum found via trivy scan of keybase images.

fabianhjr avatar Feb 16 '24 22:02 fabianhjr

Thanks!

joshblum avatar Feb 21 '24 20:02 joshblum