file: patch for CVE-2018-10360 #43856
from Gentoo, based on upstream commit.
Success on x86_64-linux. Attempted: file
Success on x86_64-darwin. Attempted: file
Success on aarch64-linux. Attempted: file
Should this be backported? Note the version in stable is 5.32.
14k rebuilds. Maybe this should go to staging?
yep, staging.
According to https://nvd.nist.gov/vuln/detail/CVE-2018-10360 only 5.33 is affected, no backport needed.
Perhaps I'm leaning to backport, actually. The patch applies well to the 18.03 version. I haven't studied the code, but the patched function hasn't changed recently at all...
Actually, why not update to 5.34 on master, instead of patching?
from Gentoo, based on upstream commit. (cherry picked from commit 6546d17) It seems not clear if _this_ version was affected by the CVE, but the patch seems safe enough, so apply it to be sure.
Opened #44295, which updates to 5.34 on staging.
Backported. Ubuntu did the same for 5.32. Let's do the update on master instead.