From mboxrd@z Thu Jan  1 00:00:00 1970
From: Leo Famulari <leo@famulari.name>
Subject: [PATCH 1/1] gnu: linux-libre@4.1, linux-libre@4.4,
	linux-libre@4.9: Fix CVE-2017-6074.
Date: Wed, 22 Feb 2017 12:11:48 -0500
Message-ID: <e1452b63f56c853e1d666711feba5fd1cb72cae2.1487783508.git.leo@famulari.name>
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:35184)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1cgaSk-00064e-8Y
	for guix-devel@gnu.org; Wed, 22 Feb 2017 12:12:23 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <leo@famulari.name>) id 1cgaSh-0000HS-Ja
	for guix-devel@gnu.org; Wed, 22 Feb 2017 12:12:22 -0500
Received: from out4-smtp.messagingengine.com ([66.111.4.28]:52757)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <leo@famulari.name>) id 1cgaSh-0000HG-34
	for guix-devel@gnu.org; Wed, 22 Feb 2017 12:12:19 -0500
Received: from localhost.localdomain (c-73-188-17-148.hsd1.pa.comcast.net
	[73.188.17.148])
	by mail.messagingengine.com (Postfix) with ESMTPA id 08EB97E31E
	for <guix-devel@gnu.org>; Wed, 22 Feb 2017 12:12:18 -0500 (EST)
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: guix-devel@gnu.org

* gnu/packages/linux.scm (linux-libre-4.1, linux-libre-4.4,
linux-libre-4.9): Add patch for CVE-2017-6074.
---
 gnu/packages/linux.scm | 36 +++++++++++++++++++++++++++++++++---
 1 file changed, 33 insertions(+), 3 deletions(-)

diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 5342c7f92..a6c564b27 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -351,19 +351,49 @@ It has been modified to remove all non-free binary blobs.")
   (make-linux-libre "4.9.11"
                     "1gypfg2984zr4z7hihnl3bbpxnk1mrqbynb6xd8ad2v2z04aw13q"
                     %intel-compatible-systems
-                    #:configuration-file kernel-config))
+                    #:configuration-file kernel-config
+                    #:patches
+                    (list %boot-logo-patch
+                          (origin
+                            (method url-fetch)
+                            (uri "\
+https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4")
+                            (file-name "linux-libre-CVE-2017-6074.patch")
+                            (sha256
+                             (base32
+                              "1x40slfz1qxgiaznyy13bwlh34450pkyyrkljpyjlx6c4mrzb1jj"))))))
 
 (define-public linux-libre-4.4
   (make-linux-libre "4.4.50"
                     "0c157kk0vgrb1fsyy4q3czqdg4npgql82n6p303afy8ylh2w6d3l"
                     %intel-compatible-systems
-                    #:configuration-file kernel-config))
+                    #:configuration-file kernel-config
+                    #:patches
+                    (list %boot-logo-patch
+                          (origin
+                            (method url-fetch)
+                            (uri "\
+https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4")
+                            (file-name "linux-libre-CVE-2017-6074.patch")
+                            (sha256
+                             (base32
+                              "1x40slfz1qxgiaznyy13bwlh34450pkyyrkljpyjlx6c4mrzb1jj"))))))
 
 (define-public linux-libre-4.1
   (make-linux-libre "4.1.38"
                     "165kmzglhg63hn7y4q7r6cb2dpsljxiq1czvgyx0bkd1vd2bcvsa"
                     %intel-compatible-systems
-                    #:configuration-file kernel-config))
+                    #:configuration-file kernel-config
+                    #:patches
+                    (list %boot-logo-patch
+                          (origin
+                            (method url-fetch)
+                            (uri "\
+https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4")
+                            (file-name "linux-libre-CVE-2017-6074.patch")
+                            (sha256
+                             (base32
+                              "1x40slfz1qxgiaznyy13bwlh34450pkyyrkljpyjlx6c4mrzb1jj"))))))
 
 (define-public linux-libre-arm-generic
   (make-linux-libre %linux-libre-version
-- 
2.11.1