[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#29232] [PATCH] gnu: qemu: Fix CVE-2017-{15038,15268,15289}.
From: |
Leo Famulari |
Subject: |
[bug#29232] [PATCH] gnu: qemu: Fix CVE-2017-{15038,15268,15289}. |
Date: |
Thu, 9 Nov 2017 13:15:53 -0500 |
What do you think of fetching the patches like this, instead of copying
them into the Guix source tree?
* gnu/packages/virtualization.scm (qemu-patch): Use HTTPS.
(qemu)[source]: Use qemu-patch.
---
gnu/packages/virtualization.scm | 31 +++++++++++++++++++++++--------
1 file changed, 23 insertions(+), 8 deletions(-)
diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm
index 14b1dfbe0..2a2f41626 100644
--- a/gnu/packages/virtualization.scm
+++ b/gnu/packages/virtualization.scm
@@ -69,7 +69,7 @@
(origin
(method url-fetch)
(uri (string-append
- "http://git.qemu.org/?p=qemu.git;a=commitdiff_plain;h="
+ "https://git.qemu.org/?p=qemu.git;a=commitdiff_plain;h="
commit))
(sha256 sha256)
(file-name file-name)))
@@ -78,13 +78,28 @@
(package
(name "qemu")
(version "2.10.1")
- (source (origin
- (method url-fetch)
- (uri (string-append "https://download.qemu.org/qemu-"
- version ".tar.xz"))
- (sha256
- (base32
- "1ahwl7r18iw2ds0q3c51nlivqsan9hcgnc8bbf9pv366iy81mm8x"))))
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://download.qemu.org/qemu-"
+ version ".tar.xz"))
+ (patches
+ (list
+ (qemu-patch "7bd92756303f2158a68d5166264dc30139b813b6"
+ "qemu-CVE-2017-15038.patch"
+ (base32
+
"0wpgf8ivjdbaihf2l7720h1fydh7kdl36wj2nchjd9irfkhw399q"))
+ (qemu-patch "a7b20a8efa28e5f22c26c06cd06c2f12bc863493"
+ "qemu-CVE-2017-15268.patch"
+ (base32
+
"1adhwj91pmgbmdvyrkvslbfsyz7l00xdrr6vzps6s58q5idvdp79"))
+ (qemu-patch "eb38e1bc3740725ca29a535351de94107ec58d51"
+ "qemu-CVE-2017-15289.patch"
+ (base32
+
"1zshrlzbwgwrsnimbq8kqr7injd65ncsr8a4lrmgyfv185ma4z8d"))))
+ (sha256
+ (base32
+ "1ahwl7r18iw2ds0q3c51nlivqsan9hcgnc8bbf9pv366iy81mm8x"))))
(build-system gnu-build-system)
(arguments
'(;; Running tests in parallel can occasionally lead to failures, like:
--
2.15.0
- [bug#29232] [PATCH] gnu: qemu: Fix CVE-2017-{15038,15268,15289}.,
Leo Famulari <=