aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches/readline-6.2-CVE-2014-2524.patch
blob: 12db684d8789298c1fc5f75943d69b8526bcf9c4 (about) (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

Fix CVE-2014-2524:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2524
http://lists.gnu.org/archive/html/bug-readline/2014-03/msg00057.html

Patch copied from:
https://ftp.gnu.org/gnu/readline/readline-6.3-patches/readline63-003

			   READLINE PATCH REPORT
			   =====================

Readline-Release: 6.3
Patch-ID: readline63-003

Bug-Reported-by:
Bug-Reference-ID:
Bug-Reference-URL:

Bug-Description:

There are debugging functions in the readline release that are theoretically
exploitable as security problems.  They are not public functions, but have
global linkage.

Patch (apply with `patch -p0'):

*** ../readline-6.3/util.c	2013-09-02 13:36:12.000000000 -0400
--- util.c	2014-03-20 10:25:53.000000000 -0400
***************
*** 477,480 ****
--- 479,483 ----
  }
  
+ #if defined (DEBUG)
  #if defined (USE_VARARGS)
  static FILE *_rl_tracefp;
***************
*** 539,542 ****
--- 542,546 ----
  }
  #endif
+ #endif /* DEBUG */
generated by cgit
td/> Raw disk-images and ISO9660 images are created in a Qemu virtual machine. This is quite fragile, very slow, and almost unusable without KVM. For all these reasons, add support for host image generation. This implies the use new image generation mechanisms. - Raw disk images: images of partitions are created using tools such as mke2fs and mkdosfs depending on the partition file-system type. The partition images are then assembled into a final image using genimage. - ISO9660 images: the ISO root directory is populated within the store. GNU xorriso is then called on that directory, in the exact same way as this is done in (gnu build vm) module. Those mechanisms are built upon the new (gnu image) module. * gnu/image.scm: New file. * gnu/system/image.scm: New file. * gnu/build/image: New file. * gnu/local.mk: Add them. * gnu/system/vm.scm (system-disk-image): Rename to system-disk-image-in-vm. * gnu/ci.scm (qemu-jobs): Adapt to new API. * gnu/tests/install.scm (run-install): Ditto. * guix/scripts/system.scm (system-derivation-for-action): Ditto. 2020-05-05build: install: Do not set store GID.Mathieu Othacehe There's no need to set the store GID as is will be done by the guix-daemon, with the following snippet: if (chown(chrootStoreDir.c_str(), 0, buildUser.getGID()) == -1) throw SysError(format("cannot change ownership of ‘%1%’") % chrootStoreDir); * gnu/build/install.scm (directives): Do not set store GID. 2020-05-05build: install: Ignore chown exceptions.Mathieu Othacehe Changing ownership may require root permissions. As image can now be generated without root permissions (no VM involved), ignore those exceptions. * gnu/build/install.scm (evaluate-populate-directive): Ignore chown exceptions. 2020-04-11install: 'populate-root-file-system' can be passed extra directives.Ludovic Courtès * gnu/build/install.scm (evaluate-populate-directive): Handle 'file' directives. (populate-root-file-system): Add #:extras parameter and honor it.