From c86b5f1b9bdfdd478ba15804f9343feb8d9c019b Mon Sep 17 00:00:00 2001
From: Efraim Flashner <efraim@flashner.co.il>
Date: Mon, 11 Feb 2019 22:40:10 +0200
Subject: gnu: glibc@2.27: fix CVE-2018-11236, CVE-2018-11237.

* gnu/packages/base.scm (glibc@2.27)[sources]: Add patches.
[properties]: New field, mark CVE-2017-18269 fixed.
* gnu/packages/patches/glibc-CVE-2018-11236.patch,
gnu/packages/patches/glibc-CVE-2018-11237.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
---
 gnu/packages/base.scm | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'gnu/packages/base.scm')

diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index 67fab7c114..db9cca6faf 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -892,7 +892,10 @@ with the Linux kernel.")
                                        "glibc-hidden-visibility-ldconfig.patch"
                                        "glibc-versioned-locpath.patch"
                                        "glibc-allow-kernel-2.6.32.patch"
-                                       "glibc-reinstate-prlimit64-fallback.patch"))))))
+                                       "glibc-reinstate-prlimit64-fallback.patch"
+                                       "glibc-CVE-2018-11236.patch"
+                                       "glibc-CVE-2018-11237.patch"))))
+    (properties `((lint-hidden-cve . ("CVE-2017-18269")))))) ; glibc-2.27-git-fixes
 
 (define-public glibc-2.26
   (package
-- 
cgit v1.2.3