pyrox.dev / nixpkgs
lol
fork atom

Revert "linux kernels: patch against DCCP double free (CVE-2017-6074)"

This reverts commit 1d68edbef48f30a4cefc33a85636099582411957.

Graham Christensen 53a2baab 1d68edbe

-19
unified split
-9
pkgs/os-specific/linux/kernel/patches.nix
··· 174 sha256 = "0mps33r4mnwiy0bmgrzgqkrk59yya17v6kzpv9024g4xlz61rk8p"; 175 }; 176 }; 177 - 178 - DCCP_double_free_vulnerability_CVE-2017-6074 = rec 179 - { name = "DCCP_double_free_vulnerability_CVE-2017-6074.patch"; 180 - patch = fetchpatch { 181 - inherit name; 182 - url = "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4"; 183 - sha256 = "10dmv3d3gj8rvj9h40js4jh8xbr5wyaqiy0kd819mya441mj8ll2"; 184 - }; 185 - }; 186 }
··· 174 sha256 = "0mps33r4mnwiy0bmgrzgqkrk59yya17v6kzpv9024g4xlz61rk8p"; 175 }; 176 }; 177 }
-10
pkgs/top-level/all-packages.nix
··· 11273 kernelPatches = 11274 [ kernelPatches.bridge_stp_helper 11275 kernelPatches.packet_fix_race_condition_CVE_2016_8655 11276 - kernelPatches.DCCP_double_free_vulnerability_CVE-2017-6074 11277 ] 11278 ++ lib.optionals ((platform.kernelArch or null) == "mips") 11279 [ kernelPatches.mips_fpureg_emu ··· 11286 kernelPatches = with kernelPatches; [ 11287 bridge_stp_helper 11288 packet_fix_race_condition_CVE_2016_8655 11289 - DCCP_double_free_vulnerability_CVE-2017-6074 11290 ]; 11291 }; 11292 ··· 11295 [ bridge_stp_helper 11296 lguest_entry-linkage 11297 packet_fix_race_condition_CVE_2016_8655 11298 - DCCP_double_free_vulnerability_CVE-2017-6074 11299 ] 11300 ++ lib.optionals ((platform.kernelArch or null) == "mips") 11301 [ kernelPatches.mips_fpureg_emu ··· 11307 linux_3_12 = callPackage ../os-specific/linux/kernel/linux-3.12.nix { 11308 kernelPatches = with kernelPatches; 11309 [ bridge_stp_helper 11310 - DCCP_double_free_vulnerability_CVE-2017-6074 11311 ] 11312 ++ lib.optionals ((platform.kernelArch or null) == "mips") 11313 [ kernelPatches.mips_fpureg_emu ··· 11319 linux_4_1 = callPackage ../os-specific/linux/kernel/linux-4.1.nix { 11320 kernelPatches = 11321 [ kernelPatches.bridge_stp_helper 11322 - kernelPatches.DCCP_double_free_vulnerability_CVE-2017-6074 11323 ] 11324 ++ lib.optionals ((platform.kernelArch or null) == "mips") 11325 [ kernelPatches.mips_fpureg_emu ··· 11332 kernelPatches = 11333 [ kernelPatches.bridge_stp_helper 11334 kernelPatches.cpu-cgroup-v2."4.4" 11335 - kernelPatches.DCCP_double_free_vulnerability_CVE-2017-6074 11336 ] 11337 ++ lib.optionals ((platform.kernelArch or null) == "mips") 11338 [ kernelPatches.mips_fpureg_emu ··· 11349 # !!! 4.7 patch doesn't apply, 4.9 patch not up yet, will keep checking 11350 # kernelPatches.cpu-cgroup-v2."4.7" 11351 kernelPatches.modinst_arg_list_too_long 11352 - kernelPatches.DCCP_double_free_vulnerability_CVE-2017-6074 11353 ] 11354 ++ lib.optionals ((platform.kernelArch or null) == "mips") 11355 [ kernelPatches.mips_fpureg_emu ··· 11378 kernelPatches = [ 11379 kernelPatches.bridge_stp_helper 11380 kernelPatches.modinst_arg_list_too_long 11381 - kernelPatches.DCCP_double_free_vulnerability_CVE-2017-6074 11382 ] ++ lib.optionals ((platform.kernelArch or null) == "mips") [ 11383 kernelPatches.mips_fpureg_emu 11384 kernelPatches.mips_fpu_sigill ··· 11391 kernelPatches.chromiumos_mfd_fix_dependency 11392 kernelPatches.chromiumos_no_link_restrictions 11393 kernelPatches.genksyms_fix_segfault 11394 - kernelPatches.DCCP_double_free_vulnerability_CVE-2017-6074 11395 ]; 11396 }; 11397 ··· 11399 kernelPatches = [ kernelPatches.chromiumos_Kconfig_fix_entries_3_18 11400 kernelPatches.chromiumos_no_link_restrictions 11401 kernelPatches.genksyms_fix_segfault 11402 - kernelPatches.DCCP_double_free_vulnerability_CVE-2017-6074 11403 ]; 11404 }; 11405
··· 11273 kernelPatches = 11274 [ kernelPatches.bridge_stp_helper 11275 kernelPatches.packet_fix_race_condition_CVE_2016_8655 11276 ] 11277 ++ lib.optionals ((platform.kernelArch or null) == "mips") 11278 [ kernelPatches.mips_fpureg_emu ··· 11285 kernelPatches = with kernelPatches; [ 11286 bridge_stp_helper 11287 packet_fix_race_condition_CVE_2016_8655 11288 ]; 11289 }; 11290 ··· 11293 [ bridge_stp_helper 11294 lguest_entry-linkage 11295 packet_fix_race_condition_CVE_2016_8655 11296 ] 11297 ++ lib.optionals ((platform.kernelArch or null) == "mips") 11298 [ kernelPatches.mips_fpureg_emu ··· 11304 linux_3_12 = callPackage ../os-specific/linux/kernel/linux-3.12.nix { 11305 kernelPatches = with kernelPatches; 11306 [ bridge_stp_helper 11307 ] 11308 ++ lib.optionals ((platform.kernelArch or null) == "mips") 11309 [ kernelPatches.mips_fpureg_emu ··· 11315 linux_4_1 = callPackage ../os-specific/linux/kernel/linux-4.1.nix { 11316 kernelPatches = 11317 [ kernelPatches.bridge_stp_helper 11318 ] 11319 ++ lib.optionals ((platform.kernelArch or null) == "mips") 11320 [ kernelPatches.mips_fpureg_emu ··· 11327 kernelPatches = 11328 [ kernelPatches.bridge_stp_helper 11329 kernelPatches.cpu-cgroup-v2."4.4" 11330 ] 11331 ++ lib.optionals ((platform.kernelArch or null) == "mips") 11332 [ kernelPatches.mips_fpureg_emu ··· 11343 # !!! 4.7 patch doesn't apply, 4.9 patch not up yet, will keep checking 11344 # kernelPatches.cpu-cgroup-v2."4.7" 11345 kernelPatches.modinst_arg_list_too_long 11346 ] 11347 ++ lib.optionals ((platform.kernelArch or null) == "mips") 11348 [ kernelPatches.mips_fpureg_emu ··· 11371 kernelPatches = [ 11372 kernelPatches.bridge_stp_helper 11373 kernelPatches.modinst_arg_list_too_long 11374 ] ++ lib.optionals ((platform.kernelArch or null) == "mips") [ 11375 kernelPatches.mips_fpureg_emu 11376 kernelPatches.mips_fpu_sigill ··· 11383 kernelPatches.chromiumos_mfd_fix_dependency 11384 kernelPatches.chromiumos_no_link_restrictions 11385 kernelPatches.genksyms_fix_segfault 11386 ]; 11387 }; 11388 ··· 11390 kernelPatches = [ kernelPatches.chromiumos_Kconfig_fix_entries_3_18 11391 kernelPatches.chromiumos_no_link_restrictions 11392 kernelPatches.genksyms_fix_segfault 11393 ]; 11394 }; 11395