summaryrefslogtreecommitdiffstats
path: root/pkgs/os-specific
diff options
context:
space:
mode:
authorJoachim Fasting <joachifm@fastmail.fm>2017-02-17 19:09:50 +0100
committerJoachim Fasting <joachifm@fastmail.fm>2017-02-17 19:11:30 +0100
commite8007c0e8911fbcd99268b0b30d3e9f069f22c20 (patch)
treeb7e5cf0248b33b65a0023b571f6e1d208273978e /pkgs/os-specific
parent73577a2b05c2fe89c7ecaf030caf76f5148301da (diff)
linux_4_9: patch for CVE-2017-5986
Seems fairly low impact[1] but we might as well patch it until a new 4.9 version is released [1]: https://bugzilla.redhat.com/show_bug.cgi?id=1420276
Diffstat (limited to 'pkgs/os-specific')
-rw-r--r--pkgs/os-specific/linux/kernel/patches.nix9
1 files changed, 9 insertions, 0 deletions
diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix
index 33f11ad5ae3e..9bc47dd624d8 100644
--- a/pkgs/os-specific/linux/kernel/patches.nix
+++ b/pkgs/os-specific/linux/kernel/patches.nix
@@ -175,4 +175,13 @@ rec {
};
};
+ sctp_bug_on_CVE_2017_5986 = rec
+ { name = "sctp_BUG_ON_CVE_2017_5986.patch";
+ patch = fetchpatch {
+ inherit name;
+ url = "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=2dcab598484185dea7ec22219c76dcdd59e3cb90";
+ sha256 = "15np10bfm5yzby9zbkrh23qpm91wnprblsk0xn9yjryypnz8njxh";
+ };
+ };
+
}