On Wed, Jun 21, 2017 at 12:50:45PM +0300, Efraim Flashner wrote: > Had to make a small change to the patch, it turns out it couldn't build > the source for glibc@2.21, so I changed the source to inherit from > glibc@2.22 and not just from glibc. It doesn't change anything for the > actual glibc@2.25. > > -- > Efraim Flashner <efr...@flashner.co.il> אפרים פלשנר > GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 > Confidentiality cannot be guaranteed on emails sent or received unencrypted
> From ef14fa6db5eaedabbaa092cbed2b6f8ee903837c Mon Sep 17 00:00:00 2001 > From: Efraim Flashner <efr...@flashner.co.il> > Date: Mon, 19 Jun 2017 23:13:53 +0300 > Subject: [PATCH] gnu: glibc: Patch CVE-2017-1000366. > > * gnu/packages/base.scm (glibc/linux)[replacement]: New field. > (glibc-2.25-fixed): New variable. > (glibc@2.24, glibc@2.23, glibc@2.22, glibc@2.21)[source]: Add patches. > [replacement]: New field. > (glibc-locales)[replacement]: New field. > * gnu/packages/commencement.scm (cross-gcc-wrapper)[replacement]: New field. > * gnu/packages/patches/glibc-CVE-2017-1000366.patch, > gnu/packages/patches/glibc-reject-long-LD-AUDIT.patch, > gnu/packages/patches/glibc-reject-long-LD-PRELOAD.patch: New files. > * gnu/local.mk (dist_patch_DATA): Add them. Thanks, I'm building a bare-bones disk image to test this patch.
signature.asc
Description: PGP signature
