From: Liliana Marie Prikler
Date: Thu, 05 Oct 2023 07:46:49 +0200
Subject: [bug#66348] [PATCH RFC] gnu: glibc: Fix CVE-2023-4911.
To: 66348@debbugs.gnu.org
Cc: Ludovic Courtès

On Wednesday, 04.10.2023 at 21:27 +0200, Liliana Marie Prikler wrote:
> * gnu/packages/patches/glibc-2.35-CVE-2023-4911.patch: New file.
> * gnu/local.mk: Register it here.
> * gnu/packages/base.scm (glibc/fixed): New variable.
> (glibc): Use it as replacement.
> ---
> Hi folks,
>
> you might have heard about a little bad boi called CVE-2023-4911.
> Stirred up some news recently. I've "backported" the fix that's
> currently sleeping on glibc master to our current glibc; only a test
> needed adjusting. I still have to verify that it works in a vm, but
> it appears to be rebuilding more than I anticipated, so that might
> take me some time.
>
> Anyway, have at it in the meantime.

Confirmed in a VM that su no longer segfaults with this.

Cheers