From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Famulari Subject: bug#27429: Stack clash (CVE-2017-1000366 etc) Date: Thu, 22 Jun 2017 15:25:04 -0400 Message-ID: <20170622192504.GA7158@jasmine.lan> References: <20170620004920.GB31586@jasmine.lan> <20170620071857.GA2768@macbook42.flashner.co.il> <87shiumj05.fsf@netris.org> <20170621084134.GA2870@macbook42.flashner.co.il> <20170621095045.GB2870@macbook42.flashner.co.il> <20170621235227.GA4510@jasmine.lan> <20170622000336.GB4510@jasmine.lan> <87zid0iksk.fsf@netris.org> <20170622161737.GC15580@jasmine.lan> <20170622183421.GA14383@jasmine.lan> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="n8g4imXOkfNTN/H1" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:34403) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dO7jy-00020a-LG for bug-guix@gnu.org; Thu, 22 Jun 2017 15:26:07 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dO7ju-0003k3-HU for bug-guix@gnu.org; Thu, 22 Jun 2017 15:26:06 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:59036) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dO7ju-0003jh-3u for bug-guix@gnu.org; Thu, 22 Jun 2017 15:26:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1dO7jt-0004Oc-R4 for bug-guix@gnu.org; Thu, 22 Jun 2017 15:26:01 -0400 Sender: "Debbugs-submit" Resent-Message-ID: Content-Disposition: inline In-Reply-To: <20170622183421.GA14383@jasmine.lan> List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Mark H Weaver Cc: 27429@debbugs.gnu.org --n8g4imXOkfNTN/H1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jun 22, 2017 at 02:34:21PM -0400, Leo Famulari wrote: > It's building stuff, but it downloaded several parts of the bootstrap > (gettext-boot0, perl-boot0, etc) and is now building the base packages > of the distribution (perl, etc). >=20 > So, I'm skeptical that it's grafting in the way we need it to. For > example, I already have the latest Perl binary from `guix build perl`, > but it's rebuilding Perl now. I might have spoken too soon. Although Perl was rebuilt, most other packages were not. So this patch might do the right thing. More review welcome :) --n8g4imXOkfNTN/H1 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAllMGYwACgkQJkb6MLrK fwhZhBAAvm4aIEhr8iVLSUvOKvS+OO5iHWXf54JAKez5evdp6kGdVxpeV0003171 lvqhAXZJ2QxGoHmNt99QMrL5pZlEgPjBb19HX71EHn3F/ZL69NMSmeE/NBWN/bn7 pipvSEaLdpcVb4rorYFiZS9BWLY0a4EoYOZAxxdgLyO3n2TLWID8llfCld6AycDE HGbzGEzq2T1EjGKFnkpOxcushrZfo0U41x1wQteNr6/lrmqX2EqNbUyebD7HMArH pXeI1LVBV5Mg2wrW/keMe4jwiPMwVvEKlg+fhwbFb3zvc2Le8z51N3E1C+JWyTau BKKwPViHoYDgEiiUpDh0vjrUdeOSk7hF4NtxzA5aVNW6ybREDYZe/74bV5YqddKu INggzdvz3rzR2VqFMDxe0TGsYxos/j2oCIqZrs0ar68on3Mmen5fa98+frugxjV4 MOfnCitT1WhbBStW6wUY8CRInYMUtjywGrZT/wfBHKNMPb5YdlUvy1AzBFQimyj4 j8ydQVIpZ2JbA1ghsxb3WE0oX++pYCMPqXmDZpifM2WXxQaIcF6rpbYQgWb3ZksV 4Jy6XtR4EL71KmX509ku0Q0iDjCAqi02vq9+6y7QIFGPljziH3UJJ0PaHua4R2mk +EQZkWGS4et9YPrhmwTHB2jOJ3ulzkNgq5Z/H43gP3ha0wp3B8c= =cfkZ -----END PGP SIGNATURE----- --n8g4imXOkfNTN/H1--