commit 990ff97c6d82eb27486ec8dc3e9dbc453da88aa8 · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

glibc: 2.26-115 -> 2.26-131 to fix CVE-2018-1000001

/cc https://github.com/NixOS/nixpkgs/issues/33826#issuecomment-357436030

Vladimír Čunát 8 years ago 990ff97c 6ed0fe7e

+5 -2

2 changed files

expand all

unified split

pkgs

development

libraries

glibc

2.26-115to131.diff.gz

common.nix

pkgs/development/libraries/glibc/2.26-115to131.diff.gz

This is a binary file and will not be displayed.

+5 -2

pkgs/development/libraries/glibc/common.nix

··· 20 21 let 22 version = "2.26"; 23 - patchSuffix = "-115"; 24 sha256 = "1ggnj1hzjym7sn93rbwydcqd562q73lsb7g7kd199g6j9j9hlkp5"; 25 cross = if buildPlatform != hostPlatform then hostPlatform else null; 26 in ··· 48 */ 49 ./2.26-75.patch.gz 50 ./2.26-75to115.diff.gz 51 52 /* Have rpcgen(1) look for cpp(1) in $PATH. */ 53 ./rpcgen-path.patch ··· 73 and we lose early mismatch detection on 2.6.32. 74 75 On major glibc updates we should check that the patched kernel supports 76 - all the required features. ATM it's verified up to glibc-2.26-115. 77 # HOWTO: check glibc sources for changes in kernel requirements 78 git log -p glibc-2.25.. sysdeps/unix/sysv/linux/x86_64/kernel-features.h sysdeps/unix/sysv/linux/kernel-features.h 79 # get kernel sources (update the URL)

··· 20 21 let 22 version = "2.26"; 23 + patchSuffix = "-131"; 24 sha256 = "1ggnj1hzjym7sn93rbwydcqd562q73lsb7g7kd199g6j9j9hlkp5"; 25 cross = if buildPlatform != hostPlatform then hostPlatform else null; 26 in ··· 48 */ 49 ./2.26-75.patch.gz 50 ./2.26-75to115.diff.gz 51 + # contains fix for CVE-2018-1000001 as the last commit: 52 + # https://sourceware.org/git/?p=glibc.git;a=commit;h=fabef2edbc 53 + ./2.26-115to131.diff.gz 54 55 /* Have rpcgen(1) look for cpp(1) in $PATH. */ 56 ./rpcgen-path.patch ··· 76 and we lose early mismatch detection on 2.6.32. 77 78 On major glibc updates we should check that the patched kernel supports 79 + all the required features. ATM it's verified up to glibc-2.26-131. 80 # HOWTO: check glibc sources for changes in kernel requirements 81 git log -p glibc-2.25.. sysdeps/unix/sysv/linux/x86_64/kernel-features.h sysdeps/unix/sysv/linux/kernel-features.h 82 # get kernel sources (update the URL)