diff options
author | Maximilian Bosch <maximilian@mbosch.me> | 2023-05-13 14:53:51 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-05-13 14:53:51 +0200 |
commit | 50350770b7173aed2c2202583ba69a7a68bc50d5 (patch) | |
tree | 02fa3e297927836cc4a5bf0030de656fe9633af3 /pkgs/top-level | |
parent | 2836255b68bdece0b4f0c1ac7a935f057106e590 (diff) | |
parent | 99c8d675d2986be0fa262c01b3b6374dcad9da1e (diff) |
Merge pull request #231352 from lovesegfault/kernel-updates
linuxKernel.kernels: update
Diffstat (limited to 'pkgs/top-level')
-rw-r--r-- | pkgs/top-level/linux-kernels.nix | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/pkgs/top-level/linux-kernels.nix b/pkgs/top-level/linux-kernels.nix index ddf588b5a277d..077f6ecb023a5 100644 --- a/pkgs/top-level/linux-kernels.nix +++ b/pkgs/top-level/linux-kernels.nix @@ -54,6 +54,11 @@ let }; kernelPatches = kernel.kernelPatches ++ [ kernelPatches.hardened.${kernel.meta.branch} + ] ++ lib.optionals (lib.versionAtLeast version "5.15") [ + # Needed as long as hardened kernels are behind the first patch release + # containing the fix for CVE-2023-32233. Can most likely be removed after the + # next hardened kernel update. + kernelPatches.CVE-2023-32233 ]; isHardened = true; }; @@ -158,7 +163,6 @@ in { kernelPatches.bridge_stp_helper kernelPatches.request_key_helper kernelPatches.fix-em-ice-bonding - kernelPatches.CVE-2023-32233 ]; }; @@ -175,7 +179,6 @@ in { kernelPatches.bridge_stp_helper kernelPatches.request_key_helper kernelPatches.fix-em-ice-bonding - kernelPatches.CVE-2023-32233 ]; }; @@ -194,7 +197,6 @@ in { kernelPatches.bridge_stp_helper kernelPatches.request_key_helper kernelPatches.fix-em-ice-bonding - kernelPatches.CVE-2023-32233 ]; }; @@ -203,7 +205,6 @@ in { kernelPatches.bridge_stp_helper kernelPatches.request_key_helper kernelPatches.fix-em-ice-bonding - kernelPatches.CVE-2023-32233 ]; }; |