-
-
Notifications
You must be signed in to change notification settings - Fork 13.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
linux_*, except testing, 4.14: apply patch for CVE-2023-32233 #230947
Conversation
1414c3d
to
bd1c50a
Compare
@ofborg build linux_4_14 linux_4_19 linux_5_4 linux_5_10 linux_5_15 linux_6_1 linux_6_2 linux_6_3 |
It's only queued upstream back to 4.19. Do we have a reason to think it needs backported further? |
This applies the patch for CVE-2023-32233 from kernel 4.19 until 6.3, testing (6.4-rc1 at the moment) is excluded because it already have the fix and 4.14 doesn't have this fix queued for the next stable kernel.
bd1c50a
to
99e65bb
Compare
We discussed it and I removed 4.14 :). (reflected in the message of the PR) |
Backport failed for Please cherry-pick the changes locally. git fetch origin release-22.11
git worktree add -d .worktree/backport-230947-to-release-22.11 origin/release-22.11
cd .worktree/backport-230947-to-release-22.11
git checkout -b backport-230947-to-release-22.11
ancref=$(git merge-base f56995c6eea5777baf30c141a847e2f5d3b7c130 99e65bb00d18003476148d8c153e2b8721b8c335)
git cherry-pick -x $ancref..99e65bb00d18003476148d8c153e2b8721b8c335 |
Backport #231057 |
Description of changes
https://www.openwall.com/lists/oss-security/2023/05/08/4
If we don't get any stable kernel before fixing that.
Apply cleanly on:
Tested on:
Things done
sandbox = true
set innix.conf
? (See Nix manual)nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"
. Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/
)