guix - Wojtek's customized Guix

about summary refs log tree commit diff

Fix CVE-2014-2524:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2524
http://lists.gnu.org/archive/html/bug-readline/2014-03/msg00057.html

Patch copied from:
https://ftp.gnu.org/gnu/readline/readline-6.3-patches/readline63-003

			   READLINE PATCH REPORT
			   =====================

Readline-Release: 6.3
Patch-ID: readline63-003

Bug-Reported-by:
Bug-Reference-ID:
Bug-Reference-URL:

Bug-Description:

There are debugging functions in the readline release that are theoretically
exploitable as security problems.  They are not public functions, but have
global linkage.

Patch (apply with `patch -p0'):

*** ../readline-6.3/util.c	2013-09-02 13:36:12.000000000 -0400
--- util.c	2014-03-20 10:25:53.000000000 -0400
***************
*** 477,480 ****
--- 479,483 ----
  }
  
+ #if defined (DEBUG)
  #if defined (USE_VARARGS)
  static FILE *_rl_tracefp;
***************
*** 539,542 ****
--- 542,546 ----
  }
  #endif
+ #endif /* DEBUG */

'>2018-02-28gnu: dblatex: Update to 0.3.10....Tobias Geerinckx-Rice 2018-02-20gnu: dblatex: Update phase style....Tobias Geerinckx-Rice 2018-01-02gnu: docbook-xsl: Disable recursion in string substitution....Marius Bakke 2017-07-09gnu: dblatex: Use texlive-union....Ricardo Wurmus 2017-06-20gnu: Move contents of zip module into compression module....Arun Isaac 2016-12-04Merge branch 'master' into stagingMarius Bakke 2016-12-02gnu: dblatex: Update comment....Hartmut Goebel 2016-12-02gnu: dblatex: Update to 0.3.9....Marius Bakke 2016-12-01gnu: dblatex: Do not use python setuptools for building....Marius Bakke 2016-11-30Merge branch 'master' into stagingMarius Bakke 2016-11-27gnu: docbook-xsl: Update to 1.79.1....Marius Bakke 2016-11-15gnu: Remove python-setuptools and python2-setuptools from inputs (part 2)...Hartmut Goebel 2016-07-21gnu: Update URLs for sourceforge.net....Leo Famulari 2016-05-26gnu: Rename texlive module to tex....Roel Janssen 2016-04-15gnu: Add docbook-xml-4.1.2....Mathieu Lirzin 2015-11-13gnu: Adjust formatting as recommended by 'guix lint'....宋文武 669721e3baa6a0662da8e9e9f5da66cf'>Merge branch 'master' into core-updatesLeo Famulari 2017-12-19gnu: Remove redundant cmake libdir configure flags....Efraim Flashner 2017-12-19gnu: keepassxc: Update to 2.2.4....Leo Famulari 2017-12-08gnu: keepassxc: Always install libraries to /lib....Rutger Helling 2017-12-02gnu: keepassxc: Update to 2.2.2....Manolis Ragkousis 2017-11-17gnu: Move testing packages from python.scm to check.scm....Ricardo Wurmus 2017-11-10gnu: password-store: Install passmenu script....Jelle Licht 2017-10-22gnu: keepassxc: Update to 2.2.1....Nicolas Goaziou 2017-10-15gnu: python-cffi: Move to libffi.scm...Efraim Flashner 2017-09-13gnu: Add John the Ripper....Eric Bavier 2017-08-06gnu: keepassx: Superseded by keepassxc....Efraim Flashner 2017-08-06gnu: Add keepassxc....Efraim Flashner 2017-06-26gnu: Add pass-git-helper....Jelle Licht 2017-06-21gnu: cracklib: Fix up description....Tobias Geerinckx-Rice 2017-06-21gnu: libpwquality: Update to 1.4.0....Tobias Geerinckx-Rice 2017-05-10gnu: libpwquality: Update source and home-page URLs....Ethan R. Jones 2017-04-14gnu: password-store: Update to 1.7.1....Arun Isaac 2017-03-28gnu: shroud: Use HTTPS source URL....Leo Famulari 2017-03-28gnu: shroud: Fix home page URL....Arun Isaac 2017-03-16gnu: password-store: Fix compatibility with GnuPG 2.1.19....Clément Lassieur 2017-03-02gnu: password-store: Update to 1.7....Marius Bakke 2017-01-28gnu: assword: Wrap with the GObject typelib of GTK+....宋文武 2017-01-17gnu: password-store: Install bash completions....Marius Bakke 2017-01-10gnu: cracklib: Fix buffer overflow....Leo Famulari 2017-01-03gnu: assword: Update to 0.10....Leo Famulari 2016-12-20gnu: argon2: Update to 20161029....Tobias Geerinckx-Rice 2016-12-10gnu: password-store: Don't run tests in parallel....Christopher Baines 2016-12-10gnu: password-store: Delete build phase...Christopher Baines 2016-11-15gnu: Fix python inputs, part 1: all inputs become propagated-inputs....Hartmut Goebel 2016-11-15gnu: Remove python-setuptools and python2-setuptools from inputs (part 4a)...Hartmut Goebel 2016-11-15gnu: Remove python-setuptools and python2-setuptools from inputs (part 2)...Hartmut Goebel 2016-11-07gnu: keepassx: Update to 2.0.3....Efraim Flashner