bug#27429: Stack clash (CVE-2017-1000366 etc)
From: Leo Famulari
Subject: bug#27429: Stack clash (CVE-2017-1000366 etc)
Date: Fri, 23 Jun 2017 13:20:38 -0400
User-agent: Mutt/1.8.3 (2017-05-23)
On Wed, Jun 21, 2017 at 12:50:45PM +0300, Efraim Flashner wrote:
> Subject: [PATCH] gnu: glibc: Patch CVE-2017-1000366.
>
> * gnu/packages/base.scm (glibc/linux)[replacement]: New field.
> (glibc-2.25-fixed): New variable.
> (address@hidden, address@hidden, address@hidden, address@hidden)[source]: Add
> patches.
> [replacement]: New field.
> (glibc-locales)[replacement]: New field.
> * gnu/packages/commencement.scm (cross-gcc-wrapper)[replacement]: New field.
> * gnu/packages/patches/glibc-CVE-2017-1000366.patch,
> gnu/packages/patches/glibc-reject-long-LD-AUDIT.patch,
> gnu/packages/patches/glibc-reject-long-LD-PRELOAD.patch: New files.
> * gnu/local.mk (dist_patch_DATA): Add them.
I've applied this patch to my Guix-on-foreign-distro workstation.
Everything seems to be working so far.
I noticed that grafted packages do not seem to refer directly to the
replacement glibc. For example:
$ ./pre-inst-env guix build -e '(@@ (gnu packages base) glibc-2.25-patched)'
/gnu/store/kczijfli8cb0qjyrfzbrd06bdrpic7lx-glibc-2.25-debug
/gnu/store/7gqx6nd64hn9wdqmppp8h42ncfx246c0-glibc-2.25
$ guix gc --references /gnu/store/7gqx6nd64hn9wdqmppp8h42ncfx246c0-glibc-2.25
/gnu/store/7gqx6nd64hn9wdqmppp8h42ncfx246c0-glibc-2.25
/gnu/store/946hwcxnd9w13gyqprs0fzkmyyz4hdar-bash-static-4.4.12
/gnu/store/n4fmp3fj1yam5ijwa64irg7glvzsq4i1-bash-4.4.12
/gnu/store/zfcrz72znwk4arq03vbbczxgw5i7lsp9-glibc-2.25
$ guix gc --references $(./pre-inst-env guix build libressl)
/gnu/store/7ahy5yw88wq1fg1lmr84vy958sgzgp5g-libressl-2.5.4
/gnu/store/p8k2id55pynzjmaixlns94phvr7mz5ls-gcc-5.4.0-lib
/gnu/store/zfcrz72znwk4arq03vbbczxgw5i7lsp9-glibc-2.25
However, I haven't had time to dig in and wrap my head around the glibc
packages.
By the way, Qualys will probably begin publishing their exploits on
Tuesday [0]:
"We have discussed this internally, and we will first publish the Stack
Clash exploits and proofs-of-concepts that we sent to the distros@ and
linux-distros@ lists, plus our Linux ld.so exploit for amd64, and our
Solaris rsh exploit.
We will do so next Tuesday, but we will publish our Linux exploits and
proofs-of-concept if and only if Fedora updates are ready by then, our
NetBSD proof-of-concept if and only if NetBSD patches are ready by then,
and our FreeBSD proofs-of-concept if and only if FreeBSD patches are
ready by then."
[0] <http://seclists.org/oss-sec/2017/q2/548>