[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#27749] [PATCH] gnu: heimdal: Update to 7.4.0 [fixes CVE-2017-11103]
|
From: |
Leo Famulari |
|
Subject: |
[bug#27749] [PATCH] gnu: heimdal: Update to 7.4.0 [fixes CVE-2017-11103]. |
|
Date: |
Thu, 20 Jul 2017 15:51:34 -0400 |
|
User-agent: |
Mutt/1.8.3 (2017-05-23) |
On Wed, Jul 19, 2017 at 07:04:53PM +0800, Alex Vong wrote:
> Here is the updated patch:
>
> From 33ae64ead2031e7707639302977d31487e992660 Mon Sep 17 00:00:00 2001
> From: Alex Vong <address@hidden>
> Date: Wed, 19 Jul 2017 17:01:47 +0800
> Subject: [PATCH] gnu: heimdal: Fix CVE-2017-{6594,11103}.
>
> * gnu/packages/patches/heimdal-CVE-2017-6594.patch,
> gnu/packages/patches/heimdal-CVE-2017-11103.patch: New files.
> * gnu/local.mk (dist_patch_DATA): Add them.
> * gnu/packages/kerberos.scm (heimdal)[source]: Use them.
Thanks! I recreated the commit since the patch no longer applied to
'gnu/local.mk' and pushed as 81c35029d4ee4fa7cd517998844229a514b35531.
I'm leaving this bug open for now so we can discuss the update.
By the way everyone, the vulnerability disclosure / promotion web page,
<https://orpheus-lyre.info>, has a nice primer on the bug (warning, the
page plays music automatically). Thanks for including that, Alex.
signature.asc
Description: PGP signature