guix-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: gnu: linux-libre: Fix CVE-2017-1000251.


From: Mark H. Weaver
Subject: 01/01: gnu: linux-libre: Fix CVE-2017-1000251.
Date: Wed, 13 Sep 2017 12:56:17 -0400 (EDT)

mhw pushed a commit to branch master
in repository guix.

commit be2b2dff210295e04077b03d4a58fa248f5fe1c4
Author: Mark H Weaver <address@hidden>
Date:   Wed Sep 13 12:51:07 2017 -0400

    gnu: linux-libre: Fix CVE-2017-1000251.
    
    * gnu/packages/linux.scm (linux-libre, linux-libre-4.9)
    (linux-libre-4.4, linux-libre-arm-generic): Add patch.
---
 gnu/packages/linux.scm | 60 +++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 55 insertions(+), 5 deletions(-)

diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 28a5e5b..40d9cf2 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -374,32 +374,82 @@ It has been modified to remove all non-free binary 
blobs.")
   (make-linux-libre %linux-libre-version
                     %linux-libre-hash
                     %intel-compatible-systems
-                    #:configuration-file kernel-config))
+                    #:configuration-file kernel-config
+                    #:patches
+                    (list %boot-logo-patch
+                          (origin
+                            (method url-fetch)
+                            (uri "\
+https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=7c3899324f16a8e50764fc9804bf4b06ac023133";)
+                            (file-name 
"linux-libre-4.13-CVE-2017-1000251.patch")
+                            (sha256
+                             (base32
+                              
"11pxxrvfvpq9xfahdk73c64w2381w1yqchphjgylzahw4p6mjffh"))))))
 
 (define-public linux-libre-4.9
   (make-linux-libre "4.9.49"
                     "07k3zn6kqbbyrjmknwvx5d4pnblz9s8sarxym5lgjm8abpvjp347"
                     %intel-compatible-systems
-                    #:configuration-file kernel-config))
+                    #:configuration-file kernel-config
+                    #:patches
+                    (list %boot-logo-patch
+                          (origin
+                            (method url-fetch)
+                            (uri "\
+https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=2bc1cc696eb173578162d6202a032fb46e3db1f4";)
+                            (file-name 
"linux-libre-4.9-CVE-2017-1000251.patch")
+                            (sha256
+                             (base32
+                              
"0mpl5mc9s0bs2ls9hvl8dfm8vfaicx87j3n32nswqj4yk61inma5"))))))
 
 (define-public linux-libre-4.4
   (make-linux-libre "4.4.87"
                     "0yiqs4i4ydgb2kg8xdyqk9rkhymrnd2dw7jf9wnn5kxfwc2nbqpj"
                     %intel-compatible-systems
-                    #:configuration-file kernel-config))
+                    #:configuration-file kernel-config
+                    #:patches
+                    (list %boot-logo-patch
+                          (origin
+                            (method url-fetch)
+                            (uri "\
+https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=4a01092a5fa819397484fe2b50e9518356858156";)
+                            (file-name 
"linux-libre-4.4-CVE-2017-1000251.patch")
+                            (sha256
+                             (base32
+                              
"0zmkw9zvzpwy2ihiyfrw6mrf8qzv77cm23lxadr20qvzqlc1xzb3"))))))
 
 (define-public linux-libre-4.1
   (make-linux-libre "4.1.43"
                     "0ycqmvczj7lm7czilnwpyp14n2lzilyx7m43rsq1qdm2m5rp4q2w"
                     %intel-compatible-systems
-                    #:configuration-file kernel-config))
+                    #:configuration-file kernel-config
+                    #:patches
+                    (list %boot-logo-patch
+                          (origin
+                            (method url-fetch)
+                            (uri "\
+https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=4a01092a5fa819397484fe2b50e9518356858156";)
+                            (file-name 
"linux-libre-4.4-CVE-2017-1000251.patch")
+                            (sha256
+                             (base32
+                              
"0zmkw9zvzpwy2ihiyfrw6mrf8qzv77cm23lxadr20qvzqlc1xzb3"))))))
 
 (define-public linux-libre-arm-generic
   (make-linux-libre %linux-libre-version
                     %linux-libre-hash
                     '("armhf-linux")
                     #:defconfig "multi_v7_defconfig"
-                    #:extra-version "arm-generic"))
+                    #:extra-version "arm-generic"
+                    #:patches
+                    (list %boot-logo-patch
+                          (origin
+                            (method url-fetch)
+                            (uri "\
+https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=7c3899324f16a8e50764fc9804bf4b06ac023133";)
+                            (file-name 
"linux-libre-4.13-CVE-2017-1000251.patch")
+                            (sha256
+                             (base32
+                              
"11pxxrvfvpq9xfahdk73c64w2381w1yqchphjgylzahw4p6mjffh"))))))
 
 
 ;;;



reply via email to

[Prev in Thread] Current Thread [Next in Thread]