[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 1/1] gnu: cyrus-sasl: Fix CVE-2013-4122.
From: |
Kei Kebreau |
Subject: |
Re: [PATCH 1/1] gnu: cyrus-sasl: Fix CVE-2013-4122. |
Date: |
Sat, 26 Nov 2016 15:34:23 -0500 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) |
Leo Famulari <address@hidden> writes:
> On Sat, Nov 26, 2016 at 03:03:46PM -0500, Leo Famulari wrote:
>> * gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch: New file.
>> * gnu/local.mk (dist_patch_DATA): Add it.
>> * gnu/packages/cyrus-sasl.scm (cyrus-sasl)[replacement]: New field.
>> (cyrus-sasl/fixed): New variable.
>> [source]: Use patch.
>
>> diff --git a/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch
>> b/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch
>> new file mode 100644
>> index 0000000..4e79947
>> --- /dev/null
>> +++ b/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch
>> @@ -0,0 +1,130 @@
>> +Fix CVE-2013-4122.
>> +
>> +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4122
>> +
>> +Upstream patch:
>> +https://cgit.cyrus.foundation/cyrus-sasl/patch/?id=dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d
>
> I forgot to update this URL to the new repo:
>
> https://github.com/cyrusimap/cyrus-sasl/commit/dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d
>
> I can't reach the cyrus.foundation repo.
Neither can I. This patch looks good with the new repo!
signature.asc
Description: PGP signature