glibc: patch CVE-2017-1000366 (stack clash)

Franz Pletz
2017-06-21 21:52:59 +02:00
parent aab71b31d5
commit 2296bf394e
4 changed files with 362 additions and 0 deletions


@@ -59,6 +59,11 @@ stdenv.mkDerivation ({
"/bin:/usr/bin", which is inappropriate on NixOS machines. This
patch extends the search path by "/run/current-system/sw/bin". */
./fix_path_attribute_in_getconf.patch
/* Stack Clash */
./CVE-2017-1000366-rtld-LD_LIBRARY_PATH.patch
./CVE-2017-1000366-rtld-LD_PRELOAD.patch
./CVE-2017-1000366-rtld-LD_AUDIT.patch
]
++ lib.optional stdenv.isi686 ./fix-i686-memchr.patch;
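Review bot: The `/* Stack Clash */` comment above the three added patch entries gives no CVE identifier, origin or removal condition, so a later glibc bump has no cue for whether they still apply. I would write it as `/* CVE-2017-1000366 (Stack Clash): ld.so hardening for LD_LIBRARY_PATH, LD_PRELOAD and LD_AUDIT handling; remove once the packaged glibc release includes these fixes */`. Judging by the file names, these patches cover only the dynamic loader's handling of those environment variables, so it is worth noting in the commit or the comment that the kernel-side stack guard gap fix is a separate update. The patches list begins before this hunk, so the ordering relative to earlier entries cannot be checked from here.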