Unverified Commit 1071529f authored by Bernardo Meurer's avatar Bernardo Meurer
Browse files

linuxKernel.kernels: remove CVE-2023-32233 patch from up-to-date kernels

parent ba7e85bc

pkgs/top-level/linux-kernels.nix

+0 −9
Original line number Diff line number Diff line
@@ -54,11 +54,6 @@ let 
      };

      kernelPatches = kernel.kernelPatches ++ [

        kernelPatches.hardened.${kernel.meta.branch}

      ] ++ lib.optionals (lib.versionAtLeast version "5.15") [

        # Needed as long as hardened kernels are behind the first patch release

        # containing the fix for CVE-2023-32233. Can most likely be removed after the

        # next hardened kernel update.

        kernelPatches.CVE-2023-32233

      ];

      isHardened = true;

  };
@@ -120,7 +115,6 @@ in { 
        [ kernelPatches.bridge_stp_helper

          kernelPatches.request_key_helper

          kernelPatches.modinst_arg_list_too_long

          kernelPatches.CVE-2023-32233

        ];

    };
@@ -129,7 +123,6 @@ in { 
        kernelPatches.bridge_stp_helper

        kernelPatches.request_key_helper

        kernelPatches.rtl8761b_support

        kernelPatches.CVE-2023-32233

      ];

    };
@@ -145,7 +138,6 @@ in { 
      kernelPatches = [

        kernelPatches.bridge_stp_helper

        kernelPatches.request_key_helper

        kernelPatches.CVE-2023-32233

      ];

    };
@@ -190,7 +182,6 @@ in { 
        kernelPatches.make-maple-state-reusable-after-mas_empty_area

        kernelPatches.fix-em-ice-bonding

        kernelPatches.export-rt-sched-migrate

        kernelPatches.CVE-2023-32233

      ];

    };