From: Mark H Weaver <mhw@netris.org>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: 27429@debbugs.gnu.org
Subject: bug#27429: Stack clash (CVE-2017-1000366 etc)
Date: Thu, 29 Jun 2017 11:49:41 -0400 [thread overview]
Message-ID: <87h8yyn696.fsf@netris.org> (raw)
In-Reply-To: <87mv8rqcuu.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Thu, 29 Jun 2017 12:58:49 +0200")
ludo@gnu.org (Ludovic Courtès) writes:
> As discussed yesterday on IRC, here’s a patch that applies the glibc
> patches for CVE-2017-1000366 in ‘core-updates’.
>
> That’s a rebuild-the-world change but we still have work to do in
> ‘core-updates’ anyway, notably regarding the Perl dot-in-@INC issue.
>
> OK for you?
Sounds good to me, but I've already merged 'master' into 'core-updates'
with this as a graft, so what's remains is to ungraft it there.
Also note that when I merged it, I forgot to add
"glibc-memchr-overflow-i686.patch" to the older variants of 'glibc'.
Unfortunately, this was a case where git merge automatically did the
wrong thing, without any conflict. I was going to fix this soon by
eliminating the redundant lists of patches, but now I won't have to.
Thanks,
Mark
next prev parent reply other threads:[~2017-06-29 15:51 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-19 22:25 bug#27429: Stack clash (CVE-2017-1000366 etc) Leo Famulari
2017-06-19 23:05 ` Leo Famulari
2017-06-20 0:42 ` Leo Famulari
2017-06-20 0:49 ` Leo Famulari
2017-06-20 7:18 ` Efraim Flashner
2017-06-20 13:16 ` Leo Famulari
2017-06-20 21:44 ` Mark H Weaver
2017-06-21 8:41 ` Efraim Flashner
2017-06-21 9:50 ` Efraim Flashner
2017-06-21 23:52 ` Leo Famulari
2017-06-22 0:03 ` Leo Famulari
2017-06-22 6:44 ` Mark H Weaver
2017-06-22 16:17 ` Leo Famulari
2017-06-22 18:34 ` Leo Famulari
2017-06-22 19:25 ` Leo Famulari
2017-06-29 10:58 ` Ludovic Courtès
2017-06-29 15:49 ` Mark H Weaver [this message]
2017-06-29 20:06 ` Ludovic Courtès
2017-06-29 21:03 ` bug#27429: core-updates and shishi [was Re: bug#27429: Stack clash (CVE-2017-1000366 etc)] Leo Famulari
2017-06-29 22:27 ` Ludovic Courtès
2017-06-30 6:47 ` Leo Famulari
2017-06-30 12:59 ` Ludovic Courtès
2017-06-23 17:20 ` bug#27429: Stack clash (CVE-2017-1000366 etc) Leo Famulari
2017-06-23 18:36 ` Mark H Weaver
2017-06-23 18:54 ` Leo Famulari
2017-06-23 20:03 ` Mark H Weaver
2017-06-24 7:11 ` Mark H Weaver
2017-06-26 8:41 ` Ludovic Courtès
2017-06-26 11:19 ` Mark H Weaver
2017-06-27 13:57 ` Ludovic Courtès
2017-06-28 21:55 ` Leo Famulari
2017-06-20 3:31 ` Mark H Weaver
2017-06-25 9:38 ` bug#27429: Stack clash (CVE-2017-1000366 etc); -fstack-check Danny Milosavljevic
2017-06-25 10:41 ` Marius Bakke
2017-06-25 13:19 ` Leo Famulari
2017-07-20 15:54 ` bug#27429: Stack clash (CVE-2017-1000366 etc) Ludovic Courtès
2017-07-20 19:13 ` Leo Famulari
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87h8yyn696.fsf@netris.org \
--to=mhw@netris.org \
--cc=27429@debbugs.gnu.org \
--cc=ludo@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).