[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
security patching of 'patch' package
From: |
Léo Le Bouter |
Subject: |
security patching of 'patch' package |
Date: |
Wed, 10 Mar 2021 04:14:35 +0100 |
User-agent: |
Evolution 3.34.2 |
Hello!
I could find that the 'patch' package was vulnerable to numerous CVEs
that other distros like Debian have patched. Here's the list reported
by 'guix lint -c cve patch':
patch@2.7.6: probably vulnerable to CVE-2019-13636, CVE-2019-13638,
CVE-2019-20633, CVE-2018-1000156, CVE-2018-20969, CVE-2018-6951, CVE-
2018-6952
Can I use latest commit from master to build 'patch' then graft
original package?
i.e. https://git.savannah.gnu.org/git/patch.git
There's not that many commits since last release, but lots of time:
https://git.savannah.gnu.org/cgit/patch.git/log/
Thank you,
Léo
signature.asc
Description: This is a digitally signed message part
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- security patching of 'patch' package,
Léo Le Bouter <=