GNU bug report logs - #70581
PHP, glibc, and CVE-2024-2961

Previous Next

Package: guix;

Reported by: "McSinyx" <cnx <at> loang.net>

Date: Fri, 26 Apr 2024 06:46:07 UTC

Severity: normal

Tags: security

Done: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

Message #24 received at 70581 <at> debbugs.gnu.org (full text, mbox):

From: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: guix-security <at> gnu.org,
 Liliana Marie Prikler <liliana.prikler <at> ist.tugraz.at>,
 Andreas Enge <andreas <at> enge.fr>, 70581 <at> debbugs.gnu.org, McSinyx <cnx <at> loang.net>,
 Janneke Nieuwenhuizen <janneke <at> gnu.org>
Subject: Re: bug#70581: PHP, glibc, and CVE-2024-2961
Date: Thu, 19 Dec 2024 11:25:53 +0900

Hi Ludovic,

Ludovic Courtès <ludo <at> gnu.org> writes:

[...]

>> +              (patches (map search-patch
>> +                            (fold (cut delete <...>)
>> +                                  %glibc-patches
>> +                                  '("glibc-2.39-git-updates.patch"))))))))
>
> Or: (delete "glibc-2.39-git-updates.patch" (search-patches %glibc-patches)).

It doesn't seem to work the way you'd intuitively expect, because
search-patches is syntax, and %glibc-patches is a list.  So you at least
need the map and search-patch procedure:

--8<---------------cut here---------------start------------->8---
(delete "glibc-2.39-git-updates.patch" (map search-patch %glibc-patches)).
--8<---------------cut here---------------end--------------->8---

And then the delete has no effect because 'search-path' returns absolute
paths, so the patch to delete is now something like
'/home/maxim/src/guix/gnu/packages/patches/glibc-2.39-git-updates.patch',
for example.

-- 
Thanks,
Maxim
This bug report was last modified 213 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.