[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#27429: Stack clash (CVE-2017-1000366 etc)
From: |
Leo Famulari |
Subject: |
bug#27429: Stack clash (CVE-2017-1000366 etc) |
Date: |
Wed, 21 Jun 2017 19:52:27 -0400 |
User-agent: |
Mutt/1.8.3 (2017-05-23) |
On Wed, Jun 21, 2017 at 12:50:45PM +0300, Efraim Flashner wrote:
> Had to make a small change to the patch, it turns out it couldn't build
> the source for address@hidden, so I changed the source to inherit from
> address@hidden and not just from glibc. It doesn't change anything for the
> actual address@hidden
>
> --
> Efraim Flashner <address@hidden> אפרים פלשנר
> GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
> Confidentiality cannot be guaranteed on emails sent or received unencrypted
> From ef14fa6db5eaedabbaa092cbed2b6f8ee903837c Mon Sep 17 00:00:00 2001
> From: Efraim Flashner <address@hidden>
> Date: Mon, 19 Jun 2017 23:13:53 +0300
> Subject: [PATCH] gnu: glibc: Patch CVE-2017-1000366.
>
> * gnu/packages/base.scm (glibc/linux)[replacement]: New field.
> (glibc-2.25-fixed): New variable.
> (address@hidden, address@hidden, address@hidden, address@hidden)[source]: Add
> patches.
> [replacement]: New field.
> (glibc-locales)[replacement]: New field.
> * gnu/packages/commencement.scm (cross-gcc-wrapper)[replacement]: New field.
> * gnu/packages/patches/glibc-CVE-2017-1000366.patch,
> gnu/packages/patches/glibc-reject-long-LD-AUDIT.patch,
> gnu/packages/patches/glibc-reject-long-LD-PRELOAD.patch: New files.
> * gnu/local.mk (dist_patch_DATA): Add them.
Thanks, I'm building a bare-bones disk image to test this patch.
signature.asc
Description: PGP signature
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/19
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/19
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/19
- bug#27429: Stack clash (CVE-2017-1000366 etc), Efraim Flashner, 2017/06/20
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/20
- bug#27429: Stack clash (CVE-2017-1000366 etc), Mark H Weaver, 2017/06/20
- bug#27429: Stack clash (CVE-2017-1000366 etc), Efraim Flashner, 2017/06/21
- bug#27429: Stack clash (CVE-2017-1000366 etc), Efraim Flashner, 2017/06/21
- bug#27429: Stack clash (CVE-2017-1000366 etc),
Leo Famulari <=
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/21
- bug#27429: Stack clash (CVE-2017-1000366 etc), Mark H Weaver, 2017/06/22
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/22
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/22
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/22
- bug#27429: Stack clash (CVE-2017-1000366 etc), Ludovic Courtès, 2017/06/29
- bug#27429: Stack clash (CVE-2017-1000366 etc), Mark H Weaver, 2017/06/29
- bug#27429: Stack clash (CVE-2017-1000366 etc), Ludovic Courtès, 2017/06/29
- bug#27429: core-updates and shishi [was Re: bug#27429: Stack clash (CVE-2017-1000366 etc)], Leo Famulari, 2017/06/29
- bug#27429: core-updates and shishi [was Re: bug#27429: Stack clash (CVE-2017-1000366 etc)], Ludovic Courtès, 2017/06/29