guix-patches
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#29232] [PATCH] gnu: qemu: Fix CVE-2017-{15038,15268,15289}.

From: Ludovic Courtès
Subject: [bug#29232] [PATCH] gnu: qemu: Fix CVE-2017-{15038,15268,15289}.
Date: Thu, 09 Nov 2017 23:51:48 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux) 
Hello,

Leo Famulari <address@hidden> skribis:

> What do you think of fetching the patches like this, instead of copying
> them into the Guix source tree?

I think it’s OK.  If the Gitweb instance disappears, or if it changes
somehow, hopefully the patch itself will still have the same hash, so we
can always change to different URL or a local file.

> * gnu/packages/virtualization.scm (qemu-patch): Use HTTPS.
> (qemu)[source]: Use qemu-patch.

[…]

> +            (qemu-patch "7bd92756303f2158a68d5166264dc30139b813b6"
> +                        "qemu-CVE-2017-15038.patch"
> +                        (base32
> +                         
> "0wpgf8ivjdbaihf2l7720h1fydh7kdl36wj2nchjd9irfkhw399q"))
> +            (qemu-patch "a7b20a8efa28e5f22c26c06cd06c2f12bc863493"
> +                        "qemu-CVE-2017-15268.patch"
> +                        (base32
> +                         
> "1adhwj91pmgbmdvyrkvslbfsyz7l00xdrr6vzps6s58q5idvdp79"))
> +            (qemu-patch "eb38e1bc3740725ca29a535351de94107ec58d51"
> +                        "qemu-CVE-2017-15289.patch"
> +                        (base32
> +                         
> "1zshrlzbwgwrsnimbq8kqr7injd65ncsr8a4lrmgyfv185ma4z8d"))))

I trust these commits correspond to these CVEs.

Thanks,
Ludo’.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]