On Wed, Jun 21, 2017 at 07:52:27PM -0400, Leo Famulari wrote: > On Wed, Jun 21, 2017 at 12:50:45PM +0300, Efraim Flashner wrote: > > Had to make a small change to the patch, it turns out it couldn't build > > the source for glibc@2.21, so I changed the source to inherit from > > glibc@2.22 and not just from glibc. It doesn't change anything for the > > actual glibc@2.25. > > > > -- > > Efraim Flashner <efr...@flashner.co.il> אפרים פלשנר > > GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 > > Confidentiality cannot be guaranteed on emails sent or received unencrypted > > > From ef14fa6db5eaedabbaa092cbed2b6f8ee903837c Mon Sep 17 00:00:00 2001 > > From: Efraim Flashner <efr...@flashner.co.il> > > Date: Mon, 19 Jun 2017 23:13:53 +0300 > > Subject: [PATCH] gnu: glibc: Patch CVE-2017-1000366. > > > > * gnu/packages/base.scm (glibc/linux)[replacement]: New field. > > (glibc-2.25-fixed): New variable. > > (glibc@2.24, glibc@2.23, glibc@2.22, glibc@2.21)[source]: Add patches. > > [replacement]: New field. > > (glibc-locales)[replacement]: New field. > > * gnu/packages/commencement.scm (cross-gcc-wrapper)[replacement]: New field. > > * gnu/packages/patches/glibc-CVE-2017-1000366.patch, > > gnu/packages/patches/glibc-reject-long-LD-AUDIT.patch, > > gnu/packages/patches/glibc-reject-long-LD-PRELOAD.patch: New files. > > * gnu/local.mk (dist_patch_DATA): Add them. > > Thanks, I'm building a bare-bones disk image to test this patch.
Hm, I noticed the bootstrap binaries being downloaded, so I don't think this patch applies the graft without causing a full rebuild.
signature.asc
Description: PGP signature
