as31: Apply Debian patch for CVE-2012-0808 #18904

Merged
merged 1 commit into from
Sep 24, 2016

aneeshusa
Contributor

Motivation for this change

Fix CVE-2012-0808. Patch is from Debian (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655496).

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option build-use-sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • OS X
    • Linux
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

Shoutout to #18856, due to which I just discovered monitor.nixos.org despite using Nix for quite a while now, which let me know of this vulnerability in the packages I maintain.

@mention-bot

@aneeshusa, thanks for your PR! By analyzing the annotation information on this pull request, we identified @dezgeg to be a potential reviewer

@grahamc
Member

grahamc commented Sep 24, 2016

Typically we try to keep actual patches out of nixpkgs. Is this patch available on the internet which we could use fetchpatch on?

@aneeshusa aneeshusa force-pushed the fix-as31-CVE-2012-0808 branch from 913f41c to d6e19ab Compare September 24, 2016 01:20
@aneeshusa
Contributor Author

Pushed a version with fetchpatch. Note that I have heard preferences for both including patches in the repo and using fetchpatch from different people at different times, but it doesn't matter too much to me.

@fpletz fpletz added the 1.severity: security Issues which raise a security issue, or PRs that fix one label Sep 24, 2016
@fpletz fpletz added this to the 16.09 milestone Sep 24, 2016
@fpletz fpletz merged commit 9f7d9de into NixOS:master Sep 24, 2016
grahamc pushed a commit that referenced this pull request Sep 24, 2016
acowley pushed a commit to acowley/nixpkgs that referenced this pull request Sep 29, 2016
adrianpk added a commit to adrianpk/nixpkgs that referenced this pull request May 31, 2024
4 participants