amaharaneko/guix-mirrors
1
1
Fork 0
mirror of https://codeberg.org/guix/guix.git synced 2025-10-02 02:15:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

gnu: glibc: Fix CVE-2023-4911.

Browse source 
* gnu/packages/patches/glibc-2.35-CVE-2023-4911.patch: New file.
* gnu/local.mk: Register it here.
* gnu/packages/base.scm (glibc/fixed): New variable.
(glibc): Use it as replacement.
This commit is contained in:
Liliana Marie Prikler 2023-10-04 21:27:13 +02:00
parent f62737bfee
commit 1328c4cca5
No known key found for this signature in database
GPG key ID: 442A84B8C70E2F87
3 changed files with 171 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
gnu/packages/base.scm
View file

@ -793,6 +793,7 @@ the store.")
(package
(name "glibc")
(version "2.35")
(replacement glibc/fixed)
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/glibc/glibc-" version ".tar.xz"))
@ -1062,6 +1063,15 @@ with the Linux kernel.")
(license lgpl2.0+)
(home-page "https://www.gnu.org/software/libc/")))
(define glibc/fixed
(package
(inherit glibc)
(source
(origin (inherit (package-source glibc))
(patches
(append (search-patches "glibc-2.35-CVE-2023-4911.patch")
(origin-patches (package-source glibc))))))))
;; Define a variation of glibc which uses the default /etc/ld.so.cache, useful
;; in FHS containers.
(define-public glibc-for-fhs