diff options
| author | Liliana Marie Prikler <liliana.prikler@gmail.com> | 2023-10-04 21:27:13 +0200 |
|---|---|---|
| committer | Liliana Marie Prikler <liliana.prikler@gmail.com> | 2023-10-12 06:49:02 +0200 |
| commit | 1328c4cca531318e3ed90c6aecb522a5b22a4bcc (patch) | |
| tree | 0bb285c0fb6acf2614073eadcb4cc527c20b6290 /gnu/packages/base.scm | |
| parent | f62737bfee086040fa3ecb26968f6d16f84147aa (diff) | |
| download | guix-1328c4cca531318e3ed90c6aecb522a5b22a4bcc.tar.gz | |
gnu: glibc: Fix CVE-2023-4911.
* gnu/packages/patches/glibc-2.35-CVE-2023-4911.patch: New file. * gnu/local.mk: Register it here. * gnu/packages/base.scm (glibc/fixed): New variable. (glibc): Use it as replacement.
Diffstat (limited to 'gnu/packages/base.scm')
| -rw-r--r-- | gnu/packages/base.scm | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm index c0813f7de0..2d8e9143cd 100644 --- a/gnu/packages/base.scm +++ b/gnu/packages/base.scm @@ -793,6 +793,7 @@ the store.") (package (name "glibc") (version "2.35") + (replacement glibc/fixed) (source (origin (method url-fetch) (uri (string-append "mirror://gnu/glibc/glibc-" version ".tar.xz")) @@ -1062,6 +1063,15 @@ with the Linux kernel.") (license lgpl2.0+) (home-page "https://www.gnu.org/software/libc/"))) +(define glibc/fixed + (package + (inherit glibc) + (source + (origin (inherit (package-source glibc)) + (patches + (append (search-patches "glibc-2.35-CVE-2023-4911.patch") + (origin-patches (package-source glibc)))))))) + ;; Define a variation of glibc which uses the default /etc/ld.so.cache, useful ;; in FHS containers. (define-public glibc-for-fhs |