mirror of
https://github.com/NixOS/nixos-hardware.git
synced 2025-11-03 16:57:14 +08:00
b09586b101
The broadcom-sta driver package is marked as insecure due to CVE-2019-9501 and CVE-2019-9502 (heap buffer overflow vulnerabilities allowing remote code execution). The driver is also unmaintained and incompatible with modern Linux kernel security mitigations. Removed broadcom_sta from extraModulePackages and the corresponding "wl" kernel module. This resolves test failures where Nixpkgs refuses to evaluate configurations containing this insecure package.
16 lines
268 B
Nix
16 lines
268 B
Nix
{ config, lib, ... }:
|
|
|
|
{
|
|
imports = [
|
|
../../../common/cpu/intel/haswell
|
|
../../../common/pc/laptop
|
|
];
|
|
|
|
hardware.enableAllFirmware = lib.mkDefault true;
|
|
|
|
services = {
|
|
fwupd.enable = lib.mkDefault true;
|
|
thermald.enable = lib.mkDefault true;
|
|
};
|
|
}
|