gnu: heimdal: Apply patch to fix CVE-2022-45142.

Several recent Heimdal releases are affected by the serious vulnerability CVE-2022-45142, which NIST scored as "7.5 HIGH". [1] At the time of writing, the upstream developers had not yet cut any releases post-7.8.0, which is why the patch is being applied here. The patch was extracted from Helmut Grohne's public vulnerability disclosure. [2] [1] https://nvd.nist.gov/vuln/detail/CVE-2022-45142 [2] https://www.openwall.com/lists/oss-security/2023/02/08/1 * gnu/packages/patches/heimdal-CVE-2022-45142.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/kerberos.scm (heimdal)[source]: Apply it. Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
author: Felix Lechner <felix.lechner@lease-up.com> 2023-04-10 21:23:12 -0700
committer: Maxim Cournoyer <maxim.cournoyer@gmail.com> 2023-04-12 08:29:38 -0400
commit: 4edf7d93ddfdadde198e75c160e83e30eaba44ae (patch)
tree: 372be027144abe8d172c7afe57b1ed00d6b78bd4 /gnu/local.mk
parent: 22762890d3d38bbf71d030486d7063a0a6ede01c (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index a5ac123586..eeb26d34d0 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1329,6 +1329,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/hdf-eos5-remove-gctp.patch		\
   %D%/packages/patches/hdf-eos5-fix-szip.patch			\
   %D%/packages/patches/hdf-eos5-fortrantests.patch		\
+  %D%/packages/patches/heimdal-CVE-2022-45142.patch		\
   %D%/packages/patches/helm-fix-gcc-9-build.patch		\
   %D%/packages/patches/http-parser-CVE-2020-8287.patch		\
   %D%/packages/patches/htslib-for-stringtie.patch		\
author	Felix Lechner <felix.lechner@lease-up.com>	2023-04-10 21:23:12 -0700
committer	Maxim Cournoyer <maxim.cournoyer@gmail.com>	2023-04-12 08:29:38 -0400
commit	4edf7d93ddfdadde198e75c160e83e30eaba44ae (patch)
tree	372be027144abe8d172c7afe57b1ed00d6b78bd4 /gnu/local.mk
parent	22762890d3d38bbf71d030486d7063a0a6ede01c (diff)