From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bug-guix-bounces+larch=yhetil.org@gnu.org>
Received: from mp0 ([2001:41d0:8:6d80::])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	by ms0.migadu.com with LMTPS
	id 2BVdIxZIYmDrcQEAgWs5BA
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Mon, 29 Mar 2021 23:35:18 +0200
Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp0 with LMTPS
	id IK48HRZIYmACZQAA1q6Kng
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Mon, 29 Mar 2021 21:35:18 +0000
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 90D931849E
	for <larch@yhetil.org>; Mon, 29 Mar 2021 23:35:17 +0200 (CEST)
Received: from localhost ([::1]:49802 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	id 1lQzXY-000639-PI
	for larch@yhetil.org; Mon, 29 Mar 2021 17:35:16 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:37278)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1lQzXK-00062m-32
 for bug-guix@gnu.org; Mon, 29 Mar 2021 17:35:02 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:38224)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1lQzXJ-0006to-RI
 for bug-guix@gnu.org; Mon, 29 Mar 2021 17:35:01 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1lQzXJ-0006jL-Nk
 for bug-guix@gnu.org; Mon, 29 Mar 2021 17:35:01 -0400
X-Loop: help-debbugs@gnu.org
Subject: bug#47257: mariadb is vulnerable to CVE-2021-27928 (RCE)
Resent-From: zimoun <zimon.toutoune@gmail.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Mon, 29 Mar 2021 21:35:01 +0000
Resent-Message-ID: <handler.47257.B47257.161705367525825@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 47257
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: security
To: =?UTF-8?Q?L=C3=A9o?= Le Bouter <lle-bout@zaclys.net>
Received: via spool by 47257-submit@debbugs.gnu.org id=B47257.161705367525825
 (code B ref 47257); Mon, 29 Mar 2021 21:35:01 +0000
Received: (at 47257) by debbugs.gnu.org; 29 Mar 2021 21:34:35 +0000
Received: from localhost ([127.0.0.1]:49770 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1lQzWs-0006iS-OF
 for submit@debbugs.gnu.org; Mon, 29 Mar 2021 17:34:35 -0400
Received: from mail-qt1-f174.google.com ([209.85.160.174]:34479)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <zimon.toutoune@gmail.com>) id 1lQzWq-0006iF-Rz
 for 47257@debbugs.gnu.org; Mon, 29 Mar 2021 17:34:33 -0400
Received: by mail-qt1-f174.google.com with SMTP id c6so10490847qtc.1
 for <47257@debbugs.gnu.org>; Mon, 29 Mar 2021 14:34:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; 
 h=mime-version:references:in-reply-to:from:date:message-id:subject:to
 :cc:content-transfer-encoding;
 bh=gr6UvQJsDoAZW0vfUqNsf8x1ICP/dawscfbk/BfRgnM=;
 b=fRgIb0zbTWQLlLJWqg9oQ12UVYEu132uAH8DPyXYvMpT4J1LJBOBEKyW+4I+fIvaIl
 FQGOTgsG9Z8EczgBfAnri1hlxq/AOvN4uLHcqUmvl2h2ntCPGfknkQ/C4C2d7xLgF/21
 Pe6LaLokjr+W58ucXSYvNmHek+4BQdcyuzp3zptL6xgj5fNZ9NsHJouml6k9QXww5Or2
 cBEAoe5CrS8wyLcSPlEqHM2tIOoWkZcSX3g+ijs9vct5k7IBT/LmQde3F402yM4Vqvr5
 ejlTQnXD9mZxOnnqMxSGeKuNrCeKcvsSDRzjAURx94kg3tmSSXWlGAcgksk0lvMxLNBk
 V+LA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to:cc:content-transfer-encoding;
 bh=gr6UvQJsDoAZW0vfUqNsf8x1ICP/dawscfbk/BfRgnM=;
 b=ozguKAt/zhtYFrWmt0OZeowQGUDhEHvBLe1x/2N/MiDLbxHNbHThC1RZv2dBodYqLY
 1D+b8TvODvok5rTI1onD/8R/Qt0vPgFczT5C4Qisf5UOwKIaZHeBHriNyAY4v7vDVsxL
 f6PcmCWfsfDu/YA5jOQ9NuAu5zageQdA9faLUUIaYiDVi1Nsu1HUu0yA6JL+dtT2NGTi
 AnYy26XID5SPCplPslANfuj4K4vPt8Em1hG9QPTsROrL/b627zSTnm7ZDEk9I9vYUTC3
 uQ2uFzUsWKuaSzSxuqG8VtJOlbqacT6kOAXdzYcBHmR9h8axOgIQv6bqLyINaObWf61V
 Nkhw==
X-Gm-Message-State: AOAM53392Mqj2wuxSLvOWBbHMfmPk2/3mykwvueV1/X5MvNUjRIbKT3K
 vnJPsRnutQPp4TS3gQVaVMCuqqzO+zNT7O3uQHs=
X-Google-Smtp-Source: ABdhPJzP7gYMOO8iU6MmjMTHDXLzAOFlURMinHdfJrCvMxgvXGXd+e9RGWyfAH0ujJVrVppCYJgMM0Ggf3cGcjnJ/5o=
X-Received: by 2002:ac8:6c3b:: with SMTP id k27mr24512026qtu.354.1617053667289; 
 Mon, 29 Mar 2021 14:34:27 -0700 (PDT)
MIME-Version: 1.0
References: <7d6d60c61fc372f62125ef5a36bc22956db5907e.camel@zaclys.net>
 <86r1kbl6kw.fsf@gmail.com>
 <b9a61cca0f95239cb0b38fc4ef0988bd11b7777e.camel@zaclys.net>
In-Reply-To: <b9a61cca0f95239cb0b38fc4ef0988bd11b7777e.camel@zaclys.net>
From: zimoun <zimon.toutoune@gmail.com>
Date: Mon, 29 Mar 2021 23:34:15 +0200
Message-ID: <CAJ3okZ1jNE7_uSifHdoKHM5XgPwFe4OjnyhmbhJiwiLPq8C=zQ@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: bug-guix@gnu.org
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-guix>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=subscribe>
Cc: 47257@debbugs.gnu.org
Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org
Sender: "bug-Guix" <bug-guix-bounces+larch=yhetil.org@gnu.org>
X-Migadu-Flow: FLOW_IN
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1617053717;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:resent-cc:
	 resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to:
	 references:references:list-id:list-help:list-unsubscribe:
	 list-subscribe:list-post:dkim-signature;
	bh=gr6UvQJsDoAZW0vfUqNsf8x1ICP/dawscfbk/BfRgnM=;
	b=nJjoruZl1MUco/dns7Uq2X8bbrYvBwhViWTWtaa+kOpkxZXxFpir9qgOKPRc5N6V0Fx95m
	LYiqBgwp/8yd2OfW+1IMqn4gyOwa6UoTg/zjG/3T6F5IgphQWzQgKpPutN5kKrqvwBwzQG
	hj+OUJooHNL6cpkClupRvnlKZxA6C16NmtxaIgavYLbr6/mFVmMbmMLD9/a0l6Gg6jm6A4
	5XVlg7Zbgmbi2zt7PHUy0wIRi4qbDn1UcTlAUAux7q+4Rp0/eyysd5LMvxW1hng3szOrvP
	8Pq7kGq0EGaZQmFQQc0CXBouVXfcyldPXUQ7c8as22s93VkTPCegNf74o15HFg==
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1617053717; a=rsa-sha256; cv=none;
	b=sdmD5URSbm5gsXw5vz6YWRfbYhbg8SrwH8hHFgyLJ9zcrs96NBtkYtnbry+BJmb+3OsZ55
	CI2ElM5/OgnqpdynmnWXPxulvqFPCfKhKgoByn06TNko+nwiQXjqhDYsHa2rowbz1l+JYg
	70waAclqJmIuLnAsE02BiKjywM3bxy+ZazqH2fZN+ObGX6yruM0UVp15WKk0baPxoakm1M
	5spYtS0NKhF37kDgXG9+gws8IhDB++Z8Jok2Vu9VO23t5po7oCgj6mL8rZ6WS4Luw7gjfx
	LeGf2UC3vrj/U7biNszi6PVSEhZvMYBdc+hJfRKuBZ/PodKeZYxBMAiCRRR3KA==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20161025 header.b=fRgIb0zb;
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none);
	spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org
X-Migadu-Spam-Score: 0.18
Authentication-Results: aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20161025 header.b=fRgIb0zb;
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none);
	spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org
X-Migadu-Queue-Id: 90D931849E
X-Spam-Score: 0.18
X-Migadu-Scanner: scn0.migadu.com
X-TUID: 6018K1dOLrFg

On Thu, 25 Mar 2021 at 12:28, L=C3=A9o Le Bouter <lle-bout@zaclys.net> wrot=
e:
> On Fri, 2021-03-19 at 12:35 +0100, zimoun wrote:
> > Instead of grafting, I would fix first check the compatibility
> > between
> > mariadb  and zstd.  Because mariadb@10.5.8 does not build with
> > zstd@1.4.9, at least on my machine.
>
> Can you post build logs and repro scenario? mariadb@10.5.8 built fine
> for me on core-updates which has zstd@1.4.9.

On core-updates, I get this:

--8<---------------cut here---------------start------------->8---
$ git log --oneline -1 && ./pre-inst-env guix build mariadb
b20b45c6ce (HEAD -> core-updates, origin/core-updates) gnu: gd: Patch
away recent pkg-config files change that breaks php build.

[...]

Only  2061  of 5666 completed.
--------------------------------------------------------------------------
The servers were restarted 258 times
Spent 10782.523 of 607 seconds executing testcases

Failure: Failed 1/427 tests, 99.77% were successful.

Failing test(s): innodb.check_ibd_filesize

The log files in var/log may give you some hint of what went wrong.

If you want to report this error, please read first the documentation
at http://dev.mysql.com/doc/mysql/en/mysql-test-suite.html

798 tests were skipped, 39 by the test itself.

mysql-test-run: *** ERROR: there were failing test cases
Error happened at lib/mtr_report.pm line 683.
    mtr_report::mtr_error("there were failing test cases") called at
lib/mtr_report.pm line 552
    mtr_report::mtr_report_stats("Failure", 1, ARRAY(0x1ae0180),
ARRAY(0xd3cb68)) called at
/tmp/guix-build-mariadb-10.5.8.drv-0/mariadb-10.5.8/mysql-test/mysql-test-r=
un.pl
line 586
    main::main() called at
/tmp/guix-build-mariadb-10.5.8.drv-0/mariadb-10.5.8/mysql-test/mysql-test-r=
un.pl
line 387
error: in phase 'check': uncaught exception:
%exception #<&invoke-error program: "./mtr" arguments: ("--verbose"
"--retry=3D3" "--testcase-timeout=3D40" "--suite-timeout=3D600" "--parallel=
"
"64" "--skip-rpl" "--skip-test-list=3Dunstable-tests") exit-status: 1
term-signal: #f stop-signal: #f>
phase `check' failed after 606.9 seconds
command "./mtr" "--verbose" "--retry=3D3" "--testcase-timeout=3D40"
"--suite-timeout=3D600" "--parallel" "64" "--skip-rpl"
"--skip-test-list=3Dunstable-tests" failed with status 1
builder for `/gnu/store/339560bw1rf3n7s4mbxx5q1ynwn5n52p-mariadb-10.5.8.drv=
'
failed with exit code 1
build of /gnu/store/339560bw1rf3n7s4mbxx5q1ynwn5n52p-mariadb-10.5.8.drv fai=
led
View build log at
'/var/log/guix/drvs/33/9560bw1rf3n7s4mbxx5q1ynwn5n52p-mariadb-10.5.8.drv.bz=
2'.
guix build: error: build of
`/gnu/store/339560bw1rf3n7s4mbxx5q1ynwn5n52p-mariadb-10.5.8.drv'
failed
--8<---------------cut here---------------end--------------->8---

Maybe, I am not doing something wrong.  Then on master, it "works"
except after the ungraft.   Well, it seems coherent with what I get
from core-updates.  So if I am doing wrong, I do not know where.

--8<---------------cut here---------------start------------->8---
$ git log --oneline -1 && make -s 2>/dev/null && \
> ./pre-inst-env guix build zstd -q           && \
> ./pre-inst-env guix build mariadb -q
a801c7379a (HEAD) gnu: Remove QT 4.
 cd . && /bin/bash /home/sitour/src/guix/wk/fix-zstd/build-aux/missing
automake-1.16 --gnu Makefile
 cd . && /bin/bash ./config.status Makefile depfiles
config.status: creating Makefile
config.status: executing depfiles commands
Making all in po/guix
Making all in po/packages
  GEN      scripts/guix
Compiling Scheme modules...
[  6%] LOAD     gnu/packages/compression.scm
[ 12%] LOAD     gnu/packages/databases.scm
[ 19%] LOAD     gnu/packages/engineering.scm
[ 25%] LOAD     gnu/packages/messaging.scm
[ 31%] LOAD     gnu/packages/password-utils.scm
[ 38%] LOAD     gnu/packages/pdf.scm
[ 44%] LOAD     gnu/packages/qt.scm
[ 50%] LOAD     gnu/packages/sqlite.scm
[ 56%] GUILEC   gnu/packages/compression.go
[ 62%] GUILEC   gnu/packages/databases.go
[ 69%] GUILEC   gnu/packages/engineering.go
[ 75%] GUILEC   gnu/packages/messaging.go
[ 81%] GUILEC   gnu/packages/password-utils.go
[ 88%] GUILEC   gnu/packages/pdf.go
[ 94%] GUILEC   gnu/packages/qt.go
[100%] GUILEC   gnu/packages/sqlite.go
/gnu/store/25sdln6zpjm2hcnmb55wi794k359mgkm-zstd-1.4.9-lib
/gnu/store/n64pny0wdqrk2mw4crs9bznwzg5cm5bc-zstd-1.4.9
/gnu/store/pjd5wx2dvrbxr3saf0a9a8va4v43b7zk-zstd-1.4.9-static
/gnu/store/231bip1j7j3prx4q6mr44f3hdn8sl9nh-mariadb-10.5.8-dev
/gnu/store/43sbv46pn6a31722savgbqcrryyn513h-mariadb-10.5.8-lib
/gnu/store/68az8ch2l6x0ldjnjhqsmpn19ns9srjp-mariadb-10.5.8

$ git log --oneline -1 && make -s 2>/dev/null && \
> ./pre-inst-env guix build zstd -q           && \
> ./pre-inst-env guix build mariadb -q
52c8d07a4f (HEAD) gnu: mariadb: Fix CVE-2021-27928.
 cd . && /bin/bash /home/sitour/src/guix/wk/fix-zstd/build-aux/missing
automake-1.16 --gnu Makefile
 cd . && /bin/bash ./config.status Makefile depfiles
config.status: creating Makefile
config.status: executing depfiles commands
Making all in po/guix
Making all in po/packages
  GEN      scripts/guix
Compiling Scheme modules...
[ 50%] LOAD     gnu/packages/databases.scm
[100%] GUILEC   gnu/packages/databases.go
/gnu/store/25sdln6zpjm2hcnmb55wi794k359mgkm-zstd-1.4.9-lib
/gnu/store/n64pny0wdqrk2mw4crs9bznwzg5cm5bc-zstd-1.4.9
/gnu/store/pjd5wx2dvrbxr3saf0a9a8va4v43b7zk-zstd-1.4.9-static
/gnu/store/avgmb7dr3r7555zxnspzzjzxcy5vhhz4-mariadb-10.5.8-dev
/gnu/store/jj2gmail5rfnlpmh2rj0vqxil0wihbj7-mariadb-10.5.8-lib
/gnu/store/bjgz8jnfsbb4qvaa9csfy8i3x1i3ivp7-mariadb-10.5.8

$ git log --oneline -1 && make -s 2>/dev/null && \
> ./pre-inst-env guix build zstd -q           && \
> ./pre-inst-env guix build mariadb -q
6e7ba45357 (HEAD) gnu: sqlite: Update to 3.32.3 [security fixes].
Making all in po/guix
Making all in po/packages
Compiling Scheme modules...
[ 50%] LOAD     gnu/packages/sqlite.scm
[100%] GUILEC   gnu/packages/sqlite.go
/gnu/store/25sdln6zpjm2hcnmb55wi794k359mgkm-zstd-1.4.9-lib
/gnu/store/n64pny0wdqrk2mw4crs9bznwzg5cm5bc-zstd-1.4.9
/gnu/store/pjd5wx2dvrbxr3saf0a9a8va4v43b7zk-zstd-1.4.9-static
/gnu/store/avgmb7dr3r7555zxnspzzjzxcy5vhhz4-mariadb-10.5.8-dev
/gnu/store/jj2gmail5rfnlpmh2rj0vqxil0wihbj7-mariadb-10.5.8-lib
/gnu/store/bjgz8jnfsbb4qvaa9csfy8i3x1i3ivp7-mariadb-10.5.8

$ git log --oneline -1 && make -s 2>/dev/null && \
> ./pre-inst-env guix build zstd -q           && \
> ./pre-inst-env guix build mariadb -q
692f1e5217 (HEAD) DRAFT: gnu: zstd: Fix test suite.
Making all in po/guix
Making all in po/packages
Compiling Scheme modules...
[ 50%] LOAD     gnu/packages/compression.scm
[100%] GUILEC   gnu/packages/compression.go
/gnu/store/q33xvan4j71f4kil0lg4h2yk549al1rv-zstd-1.4.9-lib
/gnu/store/rixmvq9497dwqxr7apa4n70gmhb50lc7-zstd-1.4.9
/gnu/store/2ym2nn0rmzgigagj7zrx4s6gidk94pqg-zstd-1.4.9-static
/gnu/store/avgmb7dr3r7555zxnspzzjzxcy5vhhz4-mariadb-10.5.8-dev
/gnu/store/jj2gmail5rfnlpmh2rj0vqxil0wihbj7-mariadb-10.5.8-lib
/gnu/store/bjgz8jnfsbb4qvaa9csfy8i3x1i3ivp7-mariadb-10.5.8

$ git log --oneline -1 && make -s 2>/dev/null && \
> ./pre-inst-env guix build zstd -q           && \
> ./pre-inst-env guix build mariadb -q
93fee48ada (HEAD -> fix-zstd) DRAFT: gnu: zstd: Update to 1.4.9 (ungraft).
Making all in po/guix
Making all in po/packages
Compiling Scheme modules...
[ 50%] LOAD     gnu/packages/compression.scm
[100%] GUILEC   gnu/packages/compression.go
/gnu/store/mmsp9ym0d3zcc0g1rr2gwmxb5pcq1wkm-zstd-1.4.9-lib
/gnu/store/6bi9kvsj0si590ra99yzb8dchikzlxb1-zstd-1.4.9
/gnu/store/1cnbqm29rc0gp30h18x7hs785c55fl0m-zstd-1.4.9-static
guix build: error: build of
`/gnu/store/5927s1x3hpfv4v9rsc9y06kycx93zqvh-mariadb-10.5.8.drv'
failed
--8<---------------cut here---------------end--------------->8---

I could be wrong... and I have not investigated more.  As I said
elsewhere, grafting zstd from 1.4.4 to 1.4.9 seems totally *wrong*.
There is ~1.5 years and 4 releases between these 2 releases.

BTW, note that:

   $ guix graph --path mariadb zstd
   guix graph: error: no path from 'mariadb@10.5.8' to 'zstd@1.4.9'

Grafting MariaDB makes sense here.  The culprit is zstd, IMHO.

> > Other said, I seem better to do this fix as a whole on core-updates
> > without any graft.  Instead of grafting here and there; and not
> > necessary small changes (zstd from 1.4.4 to 1.4.9, mariadb from
> > 10.5.8
> > to 10.5.8).
>
> We can't patch security issues through core-updates, especially this
> RCE.

I will not comment because I am bored by all that.


Last, you have been prompted to commit a major update and disable the
test-suite for zstd, and I am still waiting that you are prompt again
to fix it; especially when a proposal fix is done here:

<https://lists.gnu.org/archive/html/guix-devel/2021-03/msg00295.html>


Best regards,
simon