# Workaround for CVE-2024-2961 on NixOS
This Nix snippet implements the workaround to CVE-2024-2961 as described by
[the Rocky Linux team](https://rockylinux.org/news/glibc-vulnerability-april-2024/).
Also a big thanks to [Martin Weinelt](https://github.com/mweinelt) for making
this work without rebuilding every single package on your computer.

## How to apply
Clone this repository and add the path to `workaround-cve-2024-2961.nix`
to the `imports` attribute of your `configuration.nix`, like this:

```nix
{ config, pkgs, ... }: {

  ...

  imports = [
    ...
    <path-to-repo>/nixos-workaround-cve-2024-2961/workaround-cve-2024-2961.nix
  ];

  ...
}
```

## Caveats
Keep in mind that this workaround disables encoding conversion to/from the
ISO-2022-CN-EXT Chinese text encoding. If this is something you or your users
need, you cannot apply this workaround or things will break.