From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Famulari Subject: bug#27429: Stack clash (CVE-2017-1000366 etc) Date: Thu, 22 Jun 2017 14:34:21 -0400 Message-ID: <20170622183421.GA14383@jasmine.lan> References: <20170619222550.GA29289@jasmine.lan> <20170620004920.GB31586@jasmine.lan> <20170620071857.GA2768@macbook42.flashner.co.il> <87shiumj05.fsf@netris.org> <20170621084134.GA2870@macbook42.flashner.co.il> <20170621095045.GB2870@macbook42.flashner.co.il> <20170621235227.GA4510@jasmine.lan> <20170622000336.GB4510@jasmine.lan> <87zid0iksk.fsf@netris.org> <20170622161737.GC15580@jasmine.lan> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="CE+1k2dSO48ffgeK" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:51037) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dO6wc-00015D-2z for bug-guix@gnu.org; Thu, 22 Jun 2017 14:35:06 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dO6wY-00018z-20 for bug-guix@gnu.org; Thu, 22 Jun 2017 14:35:06 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:58966) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dO6wX-00018G-Tn for bug-guix@gnu.org; Thu, 22 Jun 2017 14:35:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1dO6wX-0003D1-Ks for bug-guix@gnu.org; Thu, 22 Jun 2017 14:35:01 -0400 Sender: "Debbugs-submit" Resent-Message-ID: Content-Disposition: inline In-Reply-To: <20170622161737.GC15580@jasmine.lan> List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Mark H Weaver Cc: 27429@debbugs.gnu.org --CE+1k2dSO48ffgeK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jun 22, 2017 at 12:17:37PM -0400, Leo Famulari wrote: > On Thu, Jun 22, 2017 at 02:44:11AM -0400, Mark H Weaver wrote: > > Leo Famulari writes: > > > Hm, I noticed the bootstrap binaries being downloaded, so I don't thi= nk > > > this patch applies the graft without causing a full rebuild. > >=20 > > It's likely that this is because of the new behavior of Hydra, where > > NARs that haven't been fetched in the last 14 days are deleted, and then > > those substitutes will fail the next time they are requested. > >=20 > > In this system fetching substitutes that are not often requested will > > often fail. One must try to fetch them, and then wait a while for Hydra > > to rebuild the NARs, and then try again later. FWIW, I don't like this > > approach, but it's what we have for now. >=20 > Okay, I'm trying again. I'll let the build finish and report if the > system seems okay in QEMU. It's building stuff, but it downloaded several parts of the bootstrap (gettext-boot0, perl-boot0, etc) and is now building the base packages of the distribution (perl, etc). So, I'm skeptical that it's grafting in the way we need it to. For example, I already have the latest Perl binary from `guix build perl`, but it's rebuilding Perl now. --CE+1k2dSO48ffgeK Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAllMDawACgkQJkb6MLrK fwhuGRAAoSWBZv4DLqgmi2izkDK8CLsDiCUYJKyY8yVAr6GyWdgG67w5w18KsfZd 86RhBBJl8/HFc7u2plCONu3zysdA5mNGOc7MN+PMdQwgrYl9WEi/pXfKGWsmhPbD vve7Z26drvPfkxegrDH6hdq4wqP4SnWY67tHa8h3CexnG3ZGmLvVIFnCZSt0tdzH 97MDipG3KBXhqZ7zyyXrvmqKYmpmeI2h2PB7QI4kH14vx+r/VMQXyZ/F/Gn/d8pk W3HO9+TSHCOe3wFD//IDMxTjP70qGYwwtrMJZNf3NKao6424S4J3Qyv7/Oar9mvV ZZBME8OtQscDgBQTikaXXhIOQa9xWk7zudFzvhk6UeNRuReS5y+IrScLoW00ssb0 U29L6Jx/3NMgyZfPpGEyJof9McYFAIZo+2DkTJz/EtGUcBcKHVmrAlqgbeLWpYgE Hf1dX+X3Pe2nzBSvmtmruDIYmtezxdhqXHmG5+2BqQn9XIFogJ889OJ28gsdh3o6 /2P31UUYRQNPNx4JXi+q4D/9bSwodcm22RwHSo4OgyTXUTo9N+cWnvhsW/F+KYhK ZjU/or4nIY/4vC7vCzXh7qyZHDwYUOV32F7kkDmDNq4kdFywHfPpXel1QNBZRcXV ksBOe4kgVgWt+YCOtQhv7ZKhGWoAOnoTrZ9AgQhBMv/Lr1gVZ0c= =QXqo -----END PGP SIGNATURE----- --CE+1k2dSO48ffgeK--