Re: [PATCH] gnu: jq: Fix CVE-2015-8863.

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] gnu: jq: Fix CVE-2015-8863.

From:	Leo Famulari
Subject:	Re: [PATCH] gnu: jq: Fix CVE-2015-8863.
Date:	Thu, 11 Aug 2016 15:44:59 -0400
User-agent:	Mutt/1.6.0 (2016-04-01)

On Thu, Aug 11, 2016 at 05:11:02PM +0200, Jelle Licht wrote:
> Hello,
> 
> Attached patch backports the commit[0] for jq that fixed the vulnerability
> referred to as CVE-2015-8863[1]. Some feedback would be welcome.
> 
> - Jelle
> 
> * gnu/packages/patches/jq-CVE-2015-8863.patch: New file.
> * gnu/local.mk (dist_patch_DATA): Add it.
> * gnu/packages/web.scm (jq): Add it.

Thank you for paying attention to this! I added a comment to the patch
file with links to the MITRE page and to the source of the patch. I
think this having this information about the patch is helpful.

Pushed as f2b4c18cd96a69e375d7d9b5ad1c09f8fc065571.

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] gnu: jq: Fix CVE-2015-8863., Jelle Licht, 2016/08/11
- Re: [PATCH] gnu: jq: Fix CVE-2015-8863., Leo Famulari <=

Prev by Date: Re: [PATCH] gnu: Add Aircrack-ng.
Next by Date: [PATCH 1/2] font-adobe-source-code-pro
Previous by thread: [PATCH] gnu: jq: Fix CVE-2015-8863.
Next by thread: Re: pre-release [PATCH] git-service [v2]
Index(es):
- Date
- Thread