gnu: glibc@2.27: fix CVE-2018-11236, CVE-2018-11237.

* gnu/packages/base.scm (glibc@2.27)[sources]: Add patches. [properties]: New field, mark CVE-2017-18269 fixed. * gnu/packages/patches/glibc-CVE-2018-11236.patch, gnu/packages/patches/glibc-CVE-2018-11237.patch: New files. * gnu/local.mk (dist_patch_DATA): Register them.
author: Efraim Flashner <efraim@flashner.co.il> 2019-02-11 22:40:10 +0200
committer: Efraim Flashner <efraim@flashner.co.il> 2019-02-12 09:08:13 +0200
commit: c86b5f1b9bdfdd478ba15804f9343feb8d9c019b (patch)
tree: 2e6255e7f1c468758f37fe6f5bb446981f0f8265 /gnu/packages/base.scm
parent: d4c95a237ce4af1fc0278f8b2af2ebfb07e86275 (diff)
download: guix-c86b5f1b9bdfdd478ba15804f9343feb8d9c019b.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index 67fab7c114..db9cca6faf 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -892,7 +892,10 @@ with the Linux kernel.")
                                        "glibc-hidden-visibility-ldconfig.patch"
                                        "glibc-versioned-locpath.patch"
                                        "glibc-allow-kernel-2.6.32.patch"
-                                       "glibc-reinstate-prlimit64-fallback.patch"))))))
+                                       "glibc-reinstate-prlimit64-fallback.patch"
+                                       "glibc-CVE-2018-11236.patch"
+                                       "glibc-CVE-2018-11237.patch"))))
+    (properties `((lint-hidden-cve . ("CVE-2017-18269")))))) ; glibc-2.27-git-fixes
 
 (define-public glibc-2.26
   (package
author	Efraim Flashner <efraim@flashner.co.il>	2019-02-11 22:40:10 +0200
committer	Efraim Flashner <efraim@flashner.co.il>	2019-02-12 09:08:13 +0200
commit	c86b5f1b9bdfdd478ba15804f9343feb8d9c019b (patch)
tree	2e6255e7f1c468758f37fe6f5bb446981f0f8265 /gnu/packages/base.scm
parent	d4c95a237ce4af1fc0278f8b2af2ebfb07e86275 (diff)
download	guix-c86b5f1b9bdfdd478ba15804f9343feb8d9c019b.tar.gz