diff options
| author | Mark H Weaver <mhw@netris.org> | 2017-09-13 12:51:07 -0400 |
|---|---|---|
| committer | Mark H Weaver <mhw@netris.org> | 2017-09-13 12:52:50 -0400 |
| commit | be2b2dff210295e04077b03d4a58fa248f5fe1c4 (patch) | |
| tree | 5279c8b8f966cadf2903f6f95cc5a40abf874c37 | |
| parent | 1c05aab4732e2805d3fd21900ab53618915b7480 (diff) | |
| download | guix-be2b2dff210295e04077b03d4a58fa248f5fe1c4.tar guix-be2b2dff210295e04077b03d4a58fa248f5fe1c4.tar.gz | |
gnu: linux-libre: Fix CVE-2017-1000251.
* gnu/packages/linux.scm (linux-libre, linux-libre-4.9)
(linux-libre-4.4, linux-libre-arm-generic): Add patch.
| -rw-r--r-- | gnu/packages/linux.scm | 60 |
1 files changed, 55 insertions, 5 deletions
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 28a5e5b885..40d9cf240c 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -374,32 +374,82 @@ It has been modified to remove all non-free binary blobs.") (make-linux-libre %linux-libre-version %linux-libre-hash %intel-compatible-systems - #:configuration-file kernel-config)) + #:configuration-file kernel-config + #:patches + (list %boot-logo-patch + (origin + (method url-fetch) + (uri "\ +https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=7c3899324f16a8e50764fc9804bf4b06ac023133") + (file-name "linux-libre-4.13-CVE-2017-1000251.patch") + (sha256 + (base32 + "11pxxrvfvpq9xfahdk73c64w2381w1yqchphjgylzahw4p6mjffh")))))) (define-public linux-libre-4.9 (make-linux-libre "4.9.49" "07k3zn6kqbbyrjmknwvx5d4pnblz9s8sarxym5lgjm8abpvjp347" %intel-compatible-systems - #:configuration-file kernel-config)) + #:configuration-file kernel-config + #:patches + (list %boot-logo-patch + (origin + (method url-fetch) + (uri "\ +https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=2bc1cc696eb173578162d6202a032fb46e3db1f4") + (file-name "linux-libre-4.9-CVE-2017-1000251.patch") + (sha256 + (base32 + "0mpl5mc9s0bs2ls9hvl8dfm8vfaicx87j3n32nswqj4yk61inma5")))))) (define-public linux-libre-4.4 (make-linux-libre "4.4.87" "0yiqs4i4ydgb2kg8xdyqk9rkhymrnd2dw7jf9wnn5kxfwc2nbqpj" %intel-compatible-systems - #:configuration-file kernel-config)) + #:configuration-file kernel-config + #:patches + (list %boot-logo-patch + (origin + (method url-fetch) + (uri "\ +https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=4a01092a5fa819397484fe2b50e9518356858156") + (file-name "linux-libre-4.4-CVE-2017-1000251.patch") + (sha256 + (base32 + "0zmkw9zvzpwy2ihiyfrw6mrf8qzv77cm23lxadr20qvzqlc1xzb3")))))) (define-public linux-libre-4.1 (make-linux-libre "4.1.43" "0ycqmvczj7lm7czilnwpyp14n2lzilyx7m43rsq1qdm2m5rp4q2w" %intel-compatible-systems - #:configuration-file kernel-config)) + #:configuration-file kernel-config + #:patches + (list %boot-logo-patch + (origin + (method url-fetch) + (uri "\ +https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=4a01092a5fa819397484fe2b50e9518356858156") + (file-name "linux-libre-4.4-CVE-2017-1000251.patch") + (sha256 + (base32 + "0zmkw9zvzpwy2ihiyfrw6mrf8qzv77cm23lxadr20qvzqlc1xzb3")))))) (define-public linux-libre-arm-generic (make-linux-libre %linux-libre-version %linux-libre-hash '("armhf-linux") #:defconfig "multi_v7_defconfig" - #:extra-version "arm-generic")) + #:extra-version "arm-generic" + #:patches + (list %boot-logo-patch + (origin + (method url-fetch) + (uri "\ +https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=7c3899324f16a8e50764fc9804bf4b06ac023133") + (file-name "linux-libre-4.13-CVE-2017-1000251.patch") + (sha256 + (base32 + "11pxxrvfvpq9xfahdk73c64w2381w1yqchphjgylzahw4p6mjffh")))))) ;;; |