gnu: linux-libre@4.4: Add fixes for CVE-2016-8655 et al.

* gnu/packages/linux.scm (linux-libre-4.4): Add patches for CVE-2016-8655 and the vulnerability described in <http://seclists.org/oss-sec/2016/q4/644>.
2016-12-09 18:21:19 -05:00 · 2016-12-09 18:21:19 -05:00 · 1134e99d86
parent 27991c97e6
commit 1134e99d86
1 changed files with 19 additions and 1 deletions
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@ -336,7 +336,25 @@ It has been modified to remove all non-free binary blobs.")
  (make-linux-libre "4.4.37"
                    "1zw3hwpgxkxwplb81in5969vgbaamcwqarmxj3aq88yg6bqnh6b5"
                    %intel-compatible-systems
-                    #:configuration-file kernel-config))
+                    #:configuration-file kernel-config
+                    #:patches
+                    (list %boot-logo-patch
+                          (origin
+                            (method url-fetch)
+                            (uri "\
+https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=668dc0c33815e4f9ec02989785658516d343bc31")
+                            (file-name "linux-libre-4.4-CVE-2016-8655.patch")
+                            (sha256
+                             (base32
+                              "1bzgj36y8v7gflq3dlhmbbvvn9098a4yk4pcpixdz5c5pm7wrdv3")))
+                          (origin
+                            (method url-fetch)
+                            (uri "\
+https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=82330dbfb463389f2b0214dbcc69b78cc8e6cf8f")
+                            (file-name "linux-libre-4.4-iovec-fix.patch")
+                            (sha256
+                             (base32
+                              "1mqmgiqjm4pf4b3jzknclmdjfaqqr4708gcdgzhn84brrcm5iz30"))))))

 (define-public linux-libre-4.1
  (make-linux-libre "4.1.36"