diff options
author | Felix Lechner <felix.lechner@lease-up.com> | 2023-04-10 21:23:12 -0700 |
---|---|---|
committer | Maxim Cournoyer <maxim.cournoyer@gmail.com> | 2023-04-11 11:39:53 -0400 |
commit | 691f17a8cc6ba1c353ee65b41567e607ed3fcfae (patch) | |
tree | 95f29b0bc8daa438e81b95d2ddfb56578bd48e1c /.guix-authorizations | |
parent | 789554cb76e89e2bf4ca95953e7d5c23d8cae984 (diff) | |
download | guix-691f17a8cc6ba1c353ee65b41567e607ed3fcfae.tar guix-691f17a8cc6ba1c353ee65b41567e607ed3fcfae.tar.gz |
gnu: heimdal: Apply patch to fix CVE-2022-45142.
Several recent Heimdal releases are affected by the serious vulnerability
CVE-2022-45142, which NIST scored as "7.5 HIGH". [1]
At the time of writing, the upstream developers had not yet cut any releases
post-7.8.0, which is why the patch is being applied here.
The patch was extracted from Helmut Grohne's public vulnerability
disclosure. [2]
[1] https://nvd.nist.gov/vuln/detail/CVE-2022-45142
[2] https://www.openwall.com/lists/oss-security/2023/02/08/1
* gnu/packages/patches/heimdal-CVE-2022-45142.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/kerberos.scm (heimdal)[source]: Apply it.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Diffstat (limited to '.guix-authorizations')
0 files changed, 0 insertions, 0 deletions