These are upstream patches, also applied by Debian:
https://security-tracker.debian.org/tracker/CVE-2015-8629
Can somebody that actually uses mit-krb5 test and push? Or if you'd
rather just push, feel free.
By the way, I'm curious about this package's unusual method of applying
patches. Does anyone have any insight? I read the git history but it
doesn't give much detail on why the "normal" method doesn't work.
Leo Famulari (1):
gnu: mit-krb5: Fix CVE-2015-{8629, 8630, 8631}.
gnu-system.am | 3 +
gnu/packages/mit-krb5.scm | 6 +-
gnu/packages/patches/mit-krb5-CVE-2015-8629.patch | 29 ++
gnu/packages/patches/mit-krb5-CVE-2015-8630.patch | 59 +++
gnu/packages/patches/mit-krb5-CVE-2015-8631.patch | 550 ++
5 files changed, 646 insertions(+), 1 deletion(-)
create mode 100644 gnu/packages/patches/mit-krb5-CVE-2015-8629.patch
create mode 100644 gnu/packages/patches/mit-krb5-CVE-2015-8630.patch
create mode 100644 gnu/packages/patches/mit-krb5-CVE-2015-8631.patch
--
2.6.3