bug#27429: Stack clash (CVE-2017-1000366 etc)

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#27429: Stack clash (CVE-2017-1000366 etc)

From:	Leo Famulari
Subject:	bug#27429: Stack clash (CVE-2017-1000366 etc)
Date:	Wed, 21 Jun 2017 19:52:27 -0400
User-agent:	Mutt/1.8.3 (2017-05-23)

On Wed, Jun 21, 2017 at 12:50:45PM +0300, Efraim Flashner wrote:
> Had to make a small change to the patch, it turns out it couldn't build
> the source for address@hidden, so I changed the source to inherit from
> address@hidden and not just from glibc. It doesn't change anything for the
> actual address@hidden
> 
> -- 
> Efraim Flashner   <address@hidden>   אפרים פלשנר
> GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
> Confidentiality cannot be guaranteed on emails sent or received unencrypted

> From ef14fa6db5eaedabbaa092cbed2b6f8ee903837c Mon Sep 17 00:00:00 2001
> From: Efraim Flashner <address@hidden>
> Date: Mon, 19 Jun 2017 23:13:53 +0300
> Subject: [PATCH] gnu: glibc: Patch CVE-2017-1000366.
> 
> * gnu/packages/base.scm (glibc/linux)[replacement]: New field.
> (glibc-2.25-fixed): New variable.
> (address@hidden, address@hidden, address@hidden, address@hidden)[source]: Add 
> patches.
> [replacement]: New field.
> (glibc-locales)[replacement]: New field.
> * gnu/packages/commencement.scm (cross-gcc-wrapper)[replacement]: New field.
> * gnu/packages/patches/glibc-CVE-2017-1000366.patch,
> gnu/packages/patches/glibc-reject-long-LD-AUDIT.patch,
> gnu/packages/patches/glibc-reject-long-LD-PRELOAD.patch: New files.
> * gnu/local.mk (dist_patch_DATA): Add them.

Thanks, I'm building a bare-bones disk image to test this patch.

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/19
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/19
  - bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/19
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/19
  - bug#27429: Stack clash (CVE-2017-1000366 etc), Efraim Flashner, 2017/06/20
    - bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/20
    - bug#27429: Stack clash (CVE-2017-1000366 etc), Mark H Weaver, 2017/06/20
    - bug#27429: Stack clash (CVE-2017-1000366 etc), Efraim Flashner, 2017/06/21
    - bug#27429: Stack clash (CVE-2017-1000366 etc), Efraim Flashner, 2017/06/21
    - bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari <=
    - bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/21
    - bug#27429: Stack clash (CVE-2017-1000366 etc), Mark H Weaver, 2017/06/22
    - bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/22
    - bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/22
    - bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/22
    - bug#27429: Stack clash (CVE-2017-1000366 etc), Ludovic Courtès, 2017/06/29
    - bug#27429: Stack clash (CVE-2017-1000366 etc), Mark H Weaver, 2017/06/29
    - bug#27429: Stack clash (CVE-2017-1000366 etc), Ludovic Courtès, 2017/06/29
    - bug#27429: core-updates and shishi [was Re: bug#27429: Stack clash (CVE-2017-1000366 etc)], Leo Famulari, 2017/06/29
    - bug#27429: core-updates and shishi [was Re: bug#27429: Stack clash (CVE-2017-1000366 etc)], Ludovic Courtès, 2017/06/29

Prev by Date: bug#27425: substitute queries never finish
Next by Date: bug#27429: Stack clash (CVE-2017-1000366 etc)
Previous by thread: bug#27429: Stack clash (CVE-2017-1000366 etc)
Next by thread: bug#27429: Stack clash (CVE-2017-1000366 etc)
Index(es):
- Date
- Thread