mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-29 07:42:23 -05:00
gnu: heimdal: Apply patch to fix CVE-2022-45142.
Several recent Heimdal releases are affected by the serious vulnerability CVE-2022-45142, which NIST scored as "7.5 HIGH". [1] At the time of writing, the upstream developers had not yet cut any releases post-7.8.0, which is why the patch is being applied here. The patch was extracted from Helmut Grohne's public vulnerability disclosure. [2] [1] https://nvd.nist.gov/vuln/detail/CVE-2022-45142 [2] https://www.openwall.com/lists/oss-security/2023/02/08/1 * gnu/packages/patches/heimdal-CVE-2022-45142.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/kerberos.scm (heimdal)[source]: Apply it. Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
This commit is contained in:
parent
f508bc1491
commit
770112f235
1 changed files with 2 additions and 0 deletions
|
@ -179,6 +179,8 @@ (define-public heimdal
|
|||
(sha256
|
||||
(base32
|
||||
"0f4dblav859p5hn7b2jdj1akw6d8p32as6bj6zym19kghh3s51zx"))
|
||||
(patches
|
||||
(search-patches "heimdal-CVE-2022-45142.patch"))
|
||||
(modules '((guix build utils)))
|
||||
(snippet
|
||||
'(begin
|
||||
|
|
Loading…
Reference in a new issue