Fix CVE-2014-2524: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2524 http://lists.gnu.org/archive/html/bug-readline/2014-03/msg00057.html Patch copied from: https://ftp.gnu.org/gnu/readline/readline-6.3-patches/readline63-003 READLINE PATCH REPORT ===================== Readline-Release: 6.3 Patch-ID: readline63-003 Bug-Reported-by: Bug-Reference-ID: Bug-Reference-URL: Bug-Description: There are debugging functions in the readline release that are theoretically exploitable as security problems. They are not public functions, but have global linkage. Patch (apply with `patch -p0'): *** ../readline-6.3/util.c 2013-09-02 13:36:12.000000000 -0400 --- util.c 2014-03-20 10:25:53.000000000 -0400 *************** *** 477,480 **** --- 479,483 ---- } + #if defined (DEBUG) #if defined (USE_VARARGS) static FILE *_rl_tracefp; *************** *** 539,542 **** --- 542,546 ---- } #endif + #endif /* DEBUG */ ght'>
aboutsummaryrefslogtreecommitdiff
path: root/gnu/system.scm
AgeCommit message (Expand)Author
2023-07-30system: Fix a blown FUSE....I bungled up a merge conflict between 789f7e9 (gnu: fuse@3: Bind to default FUSE variable.) and my other setuid-related changes. * gnu/system.scm (%setuid-programs): Look for /bin/fusermount in FUSE-2, not 3. Reported by renngar[m] in #guix. Tobias Geerinckx-Rice
2023-07-23gnu: fuse@3: Bind to default FUSE variable....* gnu/packages/linux.scm (fuse): Rename this… (fuse-2): …to this, and… (fuse-3): …rename this… (fuse): …to this! (fuse-static): Rename this… (fuse-2-static): …to this. Adjust all users. Tobias Geerinckx-Rice
2023-07-13system: hurd: Boot with pci.arbiter and rumpdisk....* gnu/system.scm (hurd-multiboot-modules): Add commands for pci.arbiter and rumpdisk. Signed-off-by: Josselin Poiret <dev@jpoiret.xyz> Janneke Nieuwenhuizen