From 9455fefe5dd5a9a9ccb5a567135d04ad90c274f0 Mon Sep 17 00:00:00 2001
From: clerie <git@clerie.de>
Date: Mon, 1 Jul 2024 20:14:19 +0200
Subject: [PATCH 1/3] configuration/common: Hotfix OpenSSH CVE-2024-6387

---
 configuration/common/ssh.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/configuration/common/ssh.nix b/configuration/common/ssh.nix
index e62aab5..110c670 100644
--- a/configuration/common/ssh.nix
+++ b/configuration/common/ssh.nix
@@ -7,6 +7,9 @@
     PasswordAuthentication = false;
     KbdInteractiveAuthentication = false;
     PermitRootLogin = lib.mkDefault "no";
+
+    # Hotfix CVE-2024-6387 https://github.com/NixOS/nixpkgs/pull/323753
+    LoginGraceTime = 0;
   };
   services.openssh.hostKeys = lib.mkForce [
     # Only create ed25519 host keys

From c9d937eec7d02a18e47e1063453d5d58d3bc7d5b Mon Sep 17 00:00:00 2001
From: clerie <git@clerie.de>
Date: Mon, 1 Jul 2024 21:35:04 +0200
Subject: [PATCH 2/3] hosts/web-2: Update nogo2024

---
 hosts/web-2/nogo2024.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hosts/web-2/nogo2024.nix b/hosts/web-2/nogo2024.nix
index 5a39690..26c7433 100644
--- a/hosts/web-2/nogo2024.nix
+++ b/hosts/web-2/nogo2024.nix
@@ -11,8 +11,8 @@
       locations."= /nogo2024.ics" = {
         root = pkgs.fetchgit {
           url = "https://git.clerie.de/clerie/nogo2024.git";
-          rev = "348bbe99daf1b1f331783a0298a445f24ca58c85";
-          sha256 = "sha256-QYOadI1RUUmS6UDG3MAeor6qERaBiaCBUG0+cchm1FQ=";
+          rev = "fdc07667e6cfa09e91eaaee488528fb842a6115d";
+          sha256 = "sha256-qRviw0sQnMmrkwBO0+AWnmeqZK8wXeFxZJgmLMUtzn4=";
         };
       };
     };

From 812aeeb0b42c956bfb306e05170c49c262480717 Mon Sep 17 00:00:00 2001
From: Flake Update Bot <flake-update-bot@clerie.de>
Date: Tue, 2 Jul 2024 03:03:57 +0200
Subject: [PATCH 3/3] Update nixpkgs 2024-07-02-01-03

---
 flake.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/flake.lock b/flake.lock
index 4aaa8c4..7d23272 100644
--- a/flake.lock
+++ b/flake.lock
@@ -268,11 +268,11 @@
     },
     "nixpkgs_3": {
       "locked": {
-        "lastModified": 1719254875,
-        "narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=",
+        "lastModified": 1719690277,
+        "narHash": "sha256-0xSej1g7eP2kaUF+JQp8jdyNmpmCJKRpO12mKl/36Kc=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60",
+        "rev": "2741b4b489b55df32afac57bc4bfd220e8bf617e",
         "type": "github"
       },
       "original": {