[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#28933: [PATCH] gnu: glibc: Fix CVE-2017-15670, CVE-2017-15671.

From: Marius Bakke
Subject: bug#28933: [PATCH] gnu: glibc: Fix CVE-2017-15670, CVE-2017-15671.
Date: Sun, 22 Oct 2017 23:15:29 +0200
User-agent: Notmuch/0.25.1 ( Emacs/25.3.1 (x86_64-pc-linux-gnu)

Marius Bakke <address@hidden> writes:

> Leo Famulari <address@hidden> writes:
>> On Sat, Oct 21, 2017 at 11:17:32PM +0200, Marius Bakke wrote:
>>> * gnu/packages/patches/glibc-CVE-2017-15670-15671.patch: New file.
>>> * gnu/ (dist_patch_DATA): Register it.
>>> * gnu/packages/base.scm (glibc/linux)[replacement]: New field.
>>> (glibc/fixed): New variable.
>> Thanks!
>> Do you think we need to do anything special with the glibc packages
>> besides glibc/linux, such as glibc/hurd, glibc-2.24, etc?
> It probably should be picked to the earlier glibcs as well, IIRC the
> affected code was from 1997.  I'll try this and amend the patch.

Pushed to master as 60e29339d8389e678bb9ca4bd3420ee9ee88bdf2.

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]