From 592fe49fc7fc4b92e26a0bb85def2d3a2e7d8ccf Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Thu, 23 Feb 2023 21:55:15 +0100
Subject: [PATCH 1/2] haproxy: 2.7.2 -> 2.7.3

Fixes CVE-2023-25725.

https://www.mail-archive.com/haproxy@formilux.org/msg43229.html
---
 pkgs/tools/networking/haproxy/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/tools/networking/haproxy/default.nix b/pkgs/tools/networking/haproxy/default.nix
index 1453fea66f53..7e9cec19de02 100644
--- a/pkgs/tools/networking/haproxy/default.nix
+++ b/pkgs/tools/networking/haproxy/default.nix
@@ -11,11 +11,11 @@ assert usePcre -> pcre != null;
 
 stdenv.mkDerivation rec {
   pname = "haproxy";
-  version = "2.7.2";
+  version = "2.7.3";
 
   src = fetchurl {
     url = "https://www.haproxy.org/download/${lib.versions.majorMinor version}/src/${pname}-${version}.tar.gz";
-    sha256 = "sha256-Y7xuwDAtDrvh+nacGWBmQN6DSsjLB0R7gHmctWPcDz8=";
+    sha256 = "sha256-sX5RuWUxhDtKmdLDtiGCgbyYi/Ykyf+Q4Z8MvLol0Gc=";
   };
 
   buildInputs = [ openssl zlib libxcrypt ]

From 43e79015bf52e90bfe2983e0f1c54e781557d79f Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Mon, 27 Feb 2023 17:56:56 +0100
Subject: [PATCH 2/2] nixos/tests/haproxy: stop using nixos/profiles/minimal

The defaults conflicts with the defaults of `services.httpd`:
```
error: The option `nodes.machine.services.logrotate.enable' has conflicting definition values:
       - In `/home/thomas/Workspace/Packaging/nixpkgs/nixos/modules/profiles/minimal.nix': false
       - In `/home/thomas/Workspace/Packaging/nixpkgs/nixos/modules/services/web-servers/apache-httpd/default.nix': true
       Use `lib.mkForce value` or `lib.mkDefault value` to change the priority on any of these definitions.
(use '--show-trace' to show detailed location information)
```

`nixos/profile/minimal` is not used in the majority of the tests and it does not
seem to have a specific reason to use it for the HAProxy test.
---
 nixos/tests/haproxy.nix | 1 -
 1 file changed, 1 deletion(-)

diff --git a/nixos/tests/haproxy.nix b/nixos/tests/haproxy.nix
index b6ff4102fe68..555474d7f299 100644
--- a/nixos/tests/haproxy.nix
+++ b/nixos/tests/haproxy.nix
@@ -2,7 +2,6 @@ import ./make-test-python.nix ({ pkgs, ...}: {
   name = "haproxy";
   nodes = {
     machine = { ... }: {
-      imports = [ ../modules/profiles/minimal.nix ];
       services.haproxy = {
         enable = true;
         config = ''