gnu: util-linux: Fix CVE-2017-2616.

* gnu/packages/patches/util-linux-CVE-2017-2616.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/linux.scm (util-linux)[replacement]: New field. (util-linux/fixed): New variable.
2025-10-02 02:15:12 +00:00 · 2017-02-23 14:49:47 -05:00 · 2017-02-23 14:49:47 -05:00 · 1d311009fe
commit 1d311009fe
parent 1c851cbe0c
3 changed files with 78 additions and 0 deletions
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@ -495,6 +495,7 @@ providing the system administrator with some help in common tasks.")
 (define-public util-linux
  (package
    (name "util-linux")
+    (replacement util-linux/fixed)
    (version "2.28.1")
    (source (origin
              (method url-fetch)
@ -575,6 +576,17 @@ block devices, UUIDs, TTYs, and many other tools.")
    (license (list license:gpl3+ license:gpl2+ license:gpl2 license:lgpl2.0+
                   license:bsd-4 license:public-domain))))

+(define util-linux/fixed
+  (package
+    (inherit util-linux)
+    (source
+      (origin
+        (inherit (package-source util-linux))
+        (patches
+          (append
+            (origin-patches (package-source util-linux))
+            (search-patches "util-linux-CVE-2017-2616.patch")))))))
+
 (define-public procps
  (package
    (name "procps")