#66348 - [PATCH RFC] gnu: glibc: Fix CVE-2023-4911.

Package	Source(s)		Maintainer(s)
guix-patches		PTS Buildd Popcon

Message #8 received at 66348@debbugs.gnu.org (full text, mbox, reply):

Received: (at 66348) by debbugs.gnu.org; 5 Oct 2023 05:47:18 +0000
From debbugs-submit-bounces@debbugs.gnu.org Thu Oct 05 01:47:18 2023
Received: from localhost ([127.0.0.1]:45797 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1qoHCf-0002Q0-Sh
	for submit@debbugs.gnu.org; Thu, 05 Oct 2023 01:47:18 -0400
Received: from mail-wr1-x444.google.com ([2a00:1450:4864:20::444]:47162)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <liliana.prikler@gmail.com>) id 1qoHCd-0002Pi-OY
 for 66348@debbugs.gnu.org; Thu, 05 Oct 2023 01:47:16 -0400
Received: by mail-wr1-x444.google.com with SMTP id
 ffacd0b85a97d-31f71b25a99so605061f8f.2
 for <66348@debbugs.gnu.org>; Wed, 04 Oct 2023 22:46:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1696484812; x=1697089612; darn=debbugs.gnu.org;
 h=mime-version:user-agent:content-transfer-encoding:references
 :in-reply-to:date:cc:to:from:subject:message-id:from:to:cc:subject
 :date:message-id:reply-to;
 bh=c6p6tNfG2uPpgQwspI6HCtVd6jiEr+76dpGAuZixtTY=;
 b=DnZJ9uDMOux0oQ+aPYrp5G0d7rW7wml/6MrNURka0shTO3TMhLAdcGrLCN/AT3RHDk
 0/k5OBlAA5lQ3dsV8hW+2pe9CCymD3UOE5YJTvWwjKoLtq9NEFFVpAl9P4D3w4W23nkQ
 +VuowcE6gsIIhpAzVnYpKVPh0ARFRyWxMIlnZBZDyU72zf+XrMWnj/bWa1HyMQSgWkqV
 oj0p3Le5Fkk3aVt8DLZASP9/f8gimReMEMjAjJoEQVkNiD8eDX3ONqLxSeLbIjCphGnB
 QSUTVPxhEVxobCONfpacm1gXsUKte6RooHuKYmJDEGZ7BHpElAV1KLAqe9j2Bzd9gMj0
 3+2Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1696484812; x=1697089612;
 h=mime-version:user-agent:content-transfer-encoding:references
 :in-reply-to:date:cc:to:from:subject:message-id:x-gm-message-state
 :from:to:cc:subject:date:message-id:reply-to;
 bh=c6p6tNfG2uPpgQwspI6HCtVd6jiEr+76dpGAuZixtTY=;
 b=ivWpBRcSHBnLhYAK0UXIQT9Wq/C04dOz78Sb7BFrZnWNPiO8Lkf47Oi1Hrej1Y2mVs
 B5wrfJWTMRomVc48Tlc1DZNa24RVCQporcYQIdnSM6NJM/V/eleSbD+ogY5HGobXuBYd
 pve4gK/aXSSJW9nhS1lVMLv+cUNcvirhPQKoPsKxehJTOJAI+Wb3obnsiIU5rIcaSbsr
 i9o97tLLg5rEB/CcJ12s4E9EDKDgbrMWUMYE1GRsyRkNse0t+pXonEythPPQGga7FSI9
 rMz+6TMRE/lMZRj4sj8iCWn+d8LdH1QSe4FL48c8+kkQo9AlXrN1+j+A1cCHWX2IuGwj
 Z+6A==
X-Gm-Message-State: AOJu0Yw2g7nWTpeSBT/Kg8VTkRfjy/fJfg24t0406nTrsmoQRwbIeKpt
 UMvjdiqIyelwsn8bMuJF5ZxYrAse2jFnlQ==
X-Google-Smtp-Source: AGHT+IEiHuQH1yCWdff8MAZCVFi8RgaXVb9x7EVKEPIz84o0mVpU08DwRLtz6c9GtfPDnaEZ01+gLw==
X-Received: by 2002:a5d:6909:0:b0:321:6a61:e45a with SMTP id
 t9-20020a5d6909000000b003216a61e45amr4445927wru.15.1696484811767; 
 Wed, 04 Oct 2023 22:46:51 -0700 (PDT)
Received: from lumine.fritz.box (85-127-52-93.dsl.dynamic.surfer.at.
 [85.127.52.93]) by smtp.gmail.com with ESMTPSA id
 r18-20020a5d4952000000b00326b8a0e817sm855329wrs.84.2023.10.04.22.46.50
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 04 Oct 2023 22:46:50 -0700 (PDT)
Message-ID: <ef2b25db2d6cf606c2e22bcf9bc7fbbb9aba197d.camel@gmail.com>
Subject: Re: [PATCH RFC] gnu: glibc: Fix CVE-2023-4911.
From: Liliana Marie Prikler <liliana.prikler@gmail.com>
To: 66348@debbugs.gnu.org
Date: Thu, 05 Oct 2023 07:46:49 +0200
In-Reply-To: <b4b918de4fce8ab839b51740f2758dc13f9884d5.1696450898.git.liliana.prikler@gmail.com>
References: <b4b918de4fce8ab839b51740f2758dc13f9884d5.1696450898.git.liliana.prikler@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
User-Agent: Evolution 3.46.4 
MIME-Version: 1.0
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 66348
Cc: Ludovic Courtès <ludo@gnu.org>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Am Mittwoch, dem 04.10.2023 um 21:27 +0200 schrieb Liliana Marie
Prikler:
> * gnu/packages/patches/glibc-2.35-CVE-2023-4911.patch: New file.
> * gnu/local.mk: Register it here.
> * gnu/packages/base.scm (glibc/fixed): New variable.
> (glibc): Use it as replacement.
> ---
> Hi folks,
> 
> you might have heard about a little bad boi called CVE-2023-4911.
> Stirred up some news recently.  I've "backported" the fix that's
> currently sleeping on glibc master to our current glibc; only a test
> needed adjusting.  I still have to verify that it works in a vm, but
> it appears to be rebuilding more than I anticipated, so that might
> take me some time.
> 
> Anyway, have at it in the meantime.
Confirmed in a VM that su no longer segfaults with this.

Cheers

Display info messages

Send a report that this bug log contains spam.

debbugs.gnu.org maintainers <help-debbugs@gnu.org>. Last modified: Sun Dec 22 01:54:38 2024; Machine Name: wallace-server

GNU bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

#66348 [PATCH RFC] gnu: glibc: Fix CVE-2023-4911.