summaryrefslogtreecommitdiff
path: root/gnu/packages
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2017-09-13 12:51:07 -0400
committerMark H Weaver <mhw@netris.org>2017-09-13 12:52:50 -0400
commitbe2b2dff210295e04077b03d4a58fa248f5fe1c4 (patch)
tree5279c8b8f966cadf2903f6f95cc5a40abf874c37 /gnu/packages
parent1c05aab4732e2805d3fd21900ab53618915b7480 (diff)
downloadgnu-guix-be2b2dff210295e04077b03d4a58fa248f5fe1c4.tar
gnu-guix-be2b2dff210295e04077b03d4a58fa248f5fe1c4.tar.gz
gnu: linux-libre: Fix CVE-2017-1000251.
* gnu/packages/linux.scm (linux-libre, linux-libre-4.9) (linux-libre-4.4, linux-libre-arm-generic): Add patch.
Diffstat (limited to 'gnu/packages')
-rw-r--r--gnu/packages/linux.scm60
1 files changed, 55 insertions, 5 deletions
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 28a5e5b885..40d9cf240c 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -374,32 +374,82 @@ It has been modified to remove all non-free binary blobs.")
(make-linux-libre %linux-libre-version
%linux-libre-hash
%intel-compatible-systems
- #:configuration-file kernel-config))
+ #:configuration-file kernel-config
+ #:patches
+ (list %boot-logo-patch
+ (origin
+ (method url-fetch)
+ (uri "\
+https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=7c3899324f16a8e50764fc9804bf4b06ac023133")
+ (file-name "linux-libre-4.13-CVE-2017-1000251.patch")
+ (sha256
+ (base32
+ "11pxxrvfvpq9xfahdk73c64w2381w1yqchphjgylzahw4p6mjffh"))))))
(define-public linux-libre-4.9
(make-linux-libre "4.9.49"
"07k3zn6kqbbyrjmknwvx5d4pnblz9s8sarxym5lgjm8abpvjp347"
%intel-compatible-systems
- #:configuration-file kernel-config))
+ #:configuration-file kernel-config
+ #:patches
+ (list %boot-logo-patch
+ (origin
+ (method url-fetch)
+ (uri "\
+https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=2bc1cc696eb173578162d6202a032fb46e3db1f4")
+ (file-name "linux-libre-4.9-CVE-2017-1000251.patch")
+ (sha256
+ (base32
+ "0mpl5mc9s0bs2ls9hvl8dfm8vfaicx87j3n32nswqj4yk61inma5"))))))
(define-public linux-libre-4.4
(make-linux-libre "4.4.87"
"0yiqs4i4ydgb2kg8xdyqk9rkhymrnd2dw7jf9wnn5kxfwc2nbqpj"
%intel-compatible-systems
- #:configuration-file kernel-config))
+ #:configuration-file kernel-config
+ #:patches
+ (list %boot-logo-patch
+ (origin
+ (method url-fetch)
+ (uri "\
+https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=4a01092a5fa819397484fe2b50e9518356858156")
+ (file-name "linux-libre-4.4-CVE-2017-1000251.patch")
+ (sha256
+ (base32
+ "0zmkw9zvzpwy2ihiyfrw6mrf8qzv77cm23lxadr20qvzqlc1xzb3"))))))
(define-public linux-libre-4.1
(make-linux-libre "4.1.43"
"0ycqmvczj7lm7czilnwpyp14n2lzilyx7m43rsq1qdm2m5rp4q2w"
%intel-compatible-systems
- #:configuration-file kernel-config))
+ #:configuration-file kernel-config
+ #:patches
+ (list %boot-logo-patch
+ (origin
+ (method url-fetch)
+ (uri "\
+https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=4a01092a5fa819397484fe2b50e9518356858156")
+ (file-name "linux-libre-4.4-CVE-2017-1000251.patch")
+ (sha256
+ (base32
+ "0zmkw9zvzpwy2ihiyfrw6mrf8qzv77cm23lxadr20qvzqlc1xzb3"))))))
(define-public linux-libre-arm-generic
(make-linux-libre %linux-libre-version
%linux-libre-hash
'("armhf-linux")
#:defconfig "multi_v7_defconfig"
- #:extra-version "arm-generic"))
+ #:extra-version "arm-generic"
+ #:patches
+ (list %boot-logo-patch
+ (origin
+ (method url-fetch)
+ (uri "\
+https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=7c3899324f16a8e50764fc9804bf4b06ac023133")
+ (file-name "linux-libre-4.13-CVE-2017-1000251.patch")
+ (sha256
+ (base32
+ "11pxxrvfvpq9xfahdk73c64w2381w1yqchphjgylzahw4p6mjffh"))))))
;;;