Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mpack: patch CVE-2011-4919 #311845

Merged
merged 1 commit into from
May 19, 2024
Merged

mpack: patch CVE-2011-4919 #311845

merged 1 commit into from
May 19, 2024

Conversation

tomodachi94
Copy link
Member

Description of changes

More information available here: https://www.openwall.com/lists/oss-security/2011/12/31/1

The original patch is by Sebastian Pipping and is available here: https://web.archive.org/web/20120128080247/http://git.goodpoint.de/?p=mpack.git;a=commitdiff;h=0c87201f64491575350b18d04c62ec142e119d1f

We copy the patch in-tree, as the original source of the patch did not have the "raw" diff made available.

Closes #90905

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 24.05 Release Notes (or backporting 23.05 and 23.11 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 馃憤 reaction to pull requests you find important.

@tomodachi94
mpack: patch CVE-2011-4919
0184e92 
More information available here: https://www.openwall.com/lists/oss-security/2011/12/31/1

The original patch is by Sebastian Pipping and is available here:
https://web.archive.org/web/20120128080247/http://git.goodpoint.de/?p=mpack.git;a=commitdiff;h=0c87201f64491575350b18d04c62ec142e119d1f

We copy the patch in-tree, as the original source of the patch did not
have the "raw" diff made available.

Closes NixOS#90905
@Pandapip1 Pandapip1 requested a review from amozeo May 15, 2024 21:00
@winterqt winterqt merged commit f5f7da6 into NixOS:master May 19, 2024
31 checks passed
@github-actions github-actions bot mentioned this pull request May 19, 2024
Merged
1 task
@github-actions GitHub Actions
Copy link
Contributor

Successfully created backport PR for release-23.11:

@tomodachi94 tomodachi94 deleted the fix/mpack/CVE-2011-4919 branch May 19, 2024 19:50
@github-actions GitHub Actions
Copy link
Contributor

Git push to origin failed for release-23.11 with exitcode 1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@amozeo amozeo amozeo approved these changes

@Pandapip1 Pandapip1 Pandapip1 approved these changes

@winterqt winterqt winterqt approved these changes

@itslychee itslychee itslychee approved these changes

Assignees
No one assigned
Labels
1.severity: security 10.rebuild-darwin: 0 10.rebuild-linux: 1-10 10.rebuild-linux: 1 12.approvals: 3+ backport release-23.11 Backport PR automatically
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Vulnerability roundup 85: mpack-1.6: 1 advisory [7.5]
5 participants
@tomodachi94 @amozeo @Pandapip1 @winterqt @itslychee