From 6b2921c3acf2cc808128af97784929365f8582af Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Fri, 9 Dec 2016 18:19:22 -0500 Subject: [PATCH] gnu: linux-libre: Add fixes for CVE-2016-8655 et al. * gnu/packages/linux.scm (linux-libre, linux-libre-arm-generic): Add patches for CVE-2016-8655 and the vulnerability described in . --- gnu/packages/linux.scm | 40 ++++++++++++++++++++++++++++++++++++++-- 1 file changed, 38 insertions(+), 2 deletions(-) diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index a7a7f2d83d..f3c84c65ec 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -330,7 +330,25 @@ It has been modified to remove all non-free binary blobs.") (make-linux-libre "4.8.13" "1n1bhasqih8acag2glwaqsh76avpinvchvwg6g4q1pfm2vs1499x" %intel-compatible-systems - #:configuration-file kernel-config)) + #:configuration-file kernel-config + #:patches + (list %boot-logo-patch + (origin + (method url-fetch) + (uri "\ +https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=9bd018da073c1360c260d2e11e0da9b24911c4a8") + (file-name "linux-libre-4.8-CVE-2016-8655.patch") + (sha256 + (base32 + "1pq80vnwv01l0rj2g0r7i4rjnx3ll8iq4rpl6w3fmc77agdb3bpq"))) + (origin + (method url-fetch) + (uri "\ +https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=af8a38c78233a3356c626c1fabfc93c66094e6e8") + (file-name "linux-libre-4.8-iovec-fix.patch") + (sha256 + (base32 + "082a5dpkgsc0mjlzqc03d815xx8gdqk0s4glvi4y1b9vl8c4vmwy")))))) (define-public linux-libre-4.4 (make-linux-libre "4.4.37" @@ -371,7 +389,25 @@ https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable-rc.git/patch/?i %linux-libre-hash '("armhf-linux") #:defconfig "multi_v7_defconfig" - #:extra-version "arm-generic")) + #:extra-version "arm-generic" + #:patches + (list %boot-logo-patch + (origin + (method url-fetch) + (uri "\ +https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=9bd018da073c1360c260d2e11e0da9b24911c4a8") + (file-name "linux-libre-4.8-CVE-2016-8655.patch") + (sha256 + (base32 + "1pq80vnwv01l0rj2g0r7i4rjnx3ll8iq4rpl6w3fmc77agdb3bpq"))) + (origin + (method url-fetch) + (uri "\ +https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable-rc.git/patch/?id=af8a38c78233a3356c626c1fabfc93c66094e6e8") + (file-name "linux-libre-4.8-iovec-fix.patch") + (sha256 + (base32 + "082a5dpkgsc0mjlzqc03d815xx8gdqk0s4glvi4y1b9vl8c4vmwy")))))) ;;;