bug#70581: PHP, glibc, and CVE-2024-2961

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#70581: PHP, glibc, and CVE-2024-2961

From:	McSinyx
Subject:	bug#70581: PHP, glibc, and CVE-2024-2961
Date:	Fri, 26 Apr 2024 15:44:50 +0900

Hello Guix,

Last week, an overflow bug in glibc's iconv(3) was discovered:
https://www.openwall.com/lists/oss-security/2024/04/17/9

It may enable remove code execution through PHP.  Due to
the immutable nature of Guix, is it possible to hotpatch
this using graft, or do we need to rebuild to world?
https://rockylinux.org/news/glibc-vulnerability-april-2024/

Kind regards,
McSinyx

[Prev in Thread]

Current Thread

[Next in Thread]

bug#70581: PHP, glibc, and CVE-2024-2961, McSinyx <=
- bug#70581: PHP, glibc, and CVE-2024-2961, Liliana Marie Prikler, 2024/04/26

Prev by Date: bug#70580: Verilator package fails to build due to failing test
Next by Date: bug#70581: PHP, glibc, and CVE-2024-2961
Previous by thread: bug#70580: Verilator package fails to build due to failing test
Next by thread: bug#70581: PHP, glibc, and CVE-2024-2961
Index(es):
- Date
- Thread