ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-12-27 13:57:10 +03:00
Code Issues Projects Releases Wiki Activity

linux kernels: patch against DCCP double free (CVE-2017-6074)

Browse Source
This commit is contained in:
Graham Christensen 2017-02-23 18:44:29 -05:00
parent c71bae0330
commit 1d68edbef4
No known key found for this signature in database
GPG Key ID: 06121D366FE9435C
2 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pkgs/os-specific/linux/kernel/patches.nix
View File

@ -174,4 +174,13 @@ rec {
sha256 = "0mps33r4mnwiy0bmgrzgqkrk59yya17v6kzpv9024g4xlz61rk8p";
};
};
DCCP_double_free_vulnerability_CVE-2017-6074 = rec
{ name = "DCCP_double_free_vulnerability_CVE-2017-6074.patch";
patch = fetchpatch {
inherit name;
url = "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4";
sha256 = "10dmv3d3gj8rvj9h40js4jh8xbr5wyaqiy0kd819mya441mj8ll2";
};
};
}

10
pkgs/top-level/all-packages.nix
View File

@ -11273,6 +11273,7 @@ with pkgs;
kernelPatches =
[ kernelPatches.bridge_stp_helper
kernelPatches.packet_fix_race_condition_CVE_2016_8655
kernelPatches.DCCP_double_free_vulnerability_CVE-2017-6074
]
++ lib.optionals ((platform.kernelArch or null) == "mips")
[ kernelPatches.mips_fpureg_emu
@ -11285,6 +11286,7 @@ with pkgs;
kernelPatches = with kernelPatches; [
bridge_stp_helper
packet_fix_race_condition_CVE_2016_8655
DCCP_double_free_vulnerability_CVE-2017-6074
];
};
@ -11293,6 +11295,7 @@ with pkgs;
[ bridge_stp_helper
lguest_entry-linkage
packet_fix_race_condition_CVE_2016_8655
DCCP_double_free_vulnerability_CVE-2017-6074
]
++ lib.optionals ((platform.kernelArch or null) == "mips")
[ kernelPatches.mips_fpureg_emu
@ -11304,6 +11307,7 @@ with pkgs;
linux_3_12 = callPackage ../os-specific/linux/kernel/linux-3.12.nix {
kernelPatches = with kernelPatches;
[ bridge_stp_helper
DCCP_double_free_vulnerability_CVE-2017-6074
]
++ lib.optionals ((platform.kernelArch or null) == "mips")
[ kernelPatches.mips_fpureg_emu
@ -11315,6 +11319,7 @@ with pkgs;
linux_4_1 = callPackage ../os-specific/linux/kernel/linux-4.1.nix {
kernelPatches =
[ kernelPatches.bridge_stp_helper
kernelPatches.DCCP_double_free_vulnerability_CVE-2017-6074
]
++ lib.optionals ((platform.kernelArch or null) == "mips")
[ kernelPatches.mips_fpureg_emu
@ -11327,6 +11332,7 @@ with pkgs;
kernelPatches =
[ kernelPatches.bridge_stp_helper
kernelPatches.cpu-cgroup-v2."4.4"
kernelPatches.DCCP_double_free_vulnerability_CVE-2017-6074
]
++ lib.optionals ((platform.kernelArch or null) == "mips")
[ kernelPatches.mips_fpureg_emu
@ -11343,6 +11349,7 @@ with pkgs;
# !!! 4.7 patch doesn't apply, 4.9 patch not up yet, will keep checking
# kernelPatches.cpu-cgroup-v2."4.7"
kernelPatches.modinst_arg_list_too_long
kernelPatches.DCCP_double_free_vulnerability_CVE-2017-6074
]
++ lib.optionals ((platform.kernelArch or null) == "mips")
[ kernelPatches.mips_fpureg_emu
@ -11371,6 +11378,7 @@ with pkgs;
kernelPatches = [
kernelPatches.bridge_stp_helper
kernelPatches.modinst_arg_list_too_long
kernelPatches.DCCP_double_free_vulnerability_CVE-2017-6074
] ++ lib.optionals ((platform.kernelArch or null) == "mips") [
kernelPatches.mips_fpureg_emu
kernelPatches.mips_fpu_sigill
@ -11383,6 +11391,7 @@ with pkgs;
kernelPatches.chromiumos_mfd_fix_dependency
kernelPatches.chromiumos_no_link_restrictions
kernelPatches.genksyms_fix_segfault
kernelPatches.DCCP_double_free_vulnerability_CVE-2017-6074
];
};
@ -11390,6 +11399,7 @@ with pkgs;
kernelPatches = [ kernelPatches.chromiumos_Kconfig_fix_entries_3_18
kernelPatches.chromiumos_no_link_restrictions
kernelPatches.genksyms_fix_segfault
kernelPatches.DCCP_double_free_vulnerability_CVE-2017-6074
];
};