public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

linux_4_8: add patch to fix CVE-2016-9919

Browse Source
This commit is contained in:
Franz Pletz 2016-12-26 14:56:15 +01:00
parent c311871a6d
commit c6bcc485de
No known key found for this signature in database
GPG Key ID: 846FDED7792617B4
2 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
pkgs/os-specific/linux/kernel/patches.nix
View File

@ -165,4 +165,14 @@ rec {
sha256 = "19viqjjgq8j8jiz5yhgmzwhqvhwv175q645qdazd1k69d25nv2ki"; sha256 = "19viqjjgq8j8jiz5yhgmzwhqvhwv175q645qdazd1k69d25nv2ki";
}; };
}; };
panic_on_icmp6_frag_CVE_2016_9919 = rec
{ name = "panic_on_icmp6_frag_CVE_2016_9919.patch";
patch = fetchpatch {
inherit name;
url = "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2";
sha256 = "0mps33r4mnwiy0bmgrzgqkrk59yya17v6kzpv9024g4xlz61rk8p";
};
};
} }

1
pkgs/top-level/all-packages.nix
View File

@ -11079,6 +11079,7 @@ in
# !!! 4.7 patch doesn't apply, 4.8 patch not up yet, will keep checking # !!! 4.7 patch doesn't apply, 4.8 patch not up yet, will keep checking
# kernelPatches.cpu-cgroup-v2."4.7" # kernelPatches.cpu-cgroup-v2."4.7"
kernelPatches.modinst_arg_list_too_long kernelPatches.modinst_arg_list_too_long
kernelPatches.panic_on_icmp6_frag_CVE_2016_9919
] ]
++ lib.optionals ((platform.kernelArch or null) == "mips") ++ lib.optionals ((platform.kernelArch or null) == "mips")
[ kernelPatches.mips_fpureg_emu [ kernelPatches.mips_fpureg_emu