[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 1/1] gnu: cyrus-sasl: Fix CVE-2013-4122.
|
From: |
Leo Famulari |
|
Subject: |
Re: [PATCH 1/1] gnu: cyrus-sasl: Fix CVE-2013-4122. |
|
Date: |
Sat, 26 Nov 2016 16:32:46 -0500 |
|
User-agent: |
Mutt/1.7.1 (2016-10-04) |
On Sat, Nov 26, 2016 at 03:34:23PM -0500, Kei Kebreau wrote:
> Leo Famulari <address@hidden> writes:
>
> > On Sat, Nov 26, 2016 at 03:03:46PM -0500, Leo Famulari wrote:
> >> * gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch: New file.
> >> * gnu/local.mk (dist_patch_DATA): Add it.
> >> * gnu/packages/cyrus-sasl.scm (cyrus-sasl)[replacement]: New field.
> >> (cyrus-sasl/fixed): New variable.
> >> [source]: Use patch.
> >
> >> diff --git a/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch
> >> b/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch
> >> new file mode 100644
> >> index 0000000..4e79947
> >> --- /dev/null
> >> +++ b/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch
> >> @@ -0,0 +1,130 @@
> >> +Fix CVE-2013-4122.
> >> +
> >> +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4122
> >> +
> >> +Upstream patch:
> >> +https://cgit.cyrus.foundation/cyrus-sasl/patch/?id=dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d
> >
> > I forgot to update this URL to the new repo:
> >
> > https://github.com/cyrusimap/cyrus-sasl/commit/dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d
> >
> > I can't reach the cyrus.foundation repo.
>
> Neither can I. This patch looks good with the new repo!
Okay, I pushed it to master and ungrafted on core-updates.
signature.asc
Description: PGP signature