* [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update)
@ 2016-02-09 19:52 Christopher Allan Webber
2016-02-09 20:15 ` Mark H Weaver
0 siblings, 1 reply; 11+ messages in thread
From: Christopher Allan Webber @ 2016-02-09 19:52 UTC (permalink / raw)
To: guix-devel
[-- Attachment #1: Type: text/plain, Size: 533 bytes --]
Hello all,
New security release of libgcrypt:
> Hello!
>
> The GNU project is pleased to announce the availability of Libgcrypt
> version 1.6.5. This is a security fix release to mitigate a new side
> channel attack.
>
> Noteworthy changes in version 1.6.5
> ===================================
>
> * Mitigate side-channel attack on ECDH with Weierstrass curves
> [CVE-2015-7511]. See http://www.cs.tau.ac.IL/~tromer/ecdh/ for
> details.
>
> * Fix build problem on Solaris.
Here's a patch. It seems to build fine.
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-gnu-libgcrypt-Update-to-1.6.5.patch --]
[-- Type: text/x-patch, Size: 1170 bytes --]
From f45b192c0e648fea95a98d681d8ecdff3dc15bdb Mon Sep 17 00:00:00 2001
From: Christopher Allan Webber <cwebber@dustycloud.org>
Date: Tue, 9 Feb 2016 11:49:06 -0800
Subject: [PATCH] gnu: libgcrypt: Update to 1.6.5.
* gnu/packages/gnupg.scm (libgcrypt): Update to 1.6.5.
---
gnu/packages/gnupg.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index a35e8fc..608c437 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -70,14 +70,14 @@ Daemon and possibly more in the future.")
(define-public libgcrypt
(package
(name "libgcrypt")
- (version "1.6.4")
+ (version "1.6.5")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
version ".tar.bz2"))
(sha256
(base32
- "09k06gs27gxfha07sa9rpf4xh6mvphj9sky7n09ymx75w9zjrg69"))))
+ "0959mwfzsxhallxdqlw359xg180ll2skxwyy35qawmfl89cbr7pl"))))
(build-system gnu-build-system)
(propagated-inputs
`(("libgpg-error-host" ,libgpg-error)))
--
2.6.3
^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update)
2016-02-09 19:52 [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update) Christopher Allan Webber
@ 2016-02-09 20:15 ` Mark H Weaver
2016-02-09 20:31 ` Christopher Allan Webber
2016-02-10 14:46 ` Andreas Enge
0 siblings, 2 replies; 11+ messages in thread
From: Mark H Weaver @ 2016-02-09 20:15 UTC (permalink / raw)
To: Christopher Allan Webber; +Cc: guix-devel
Hi Chris,
Christopher Allan Webber <cwebber@dustycloud.org> writes:
> Hello all,
>
> New security release of libgcrypt:
>
>> Hello!
>>
>> The GNU project is pleased to announce the availability of Libgcrypt
>> version 1.6.5. This is a security fix release to mitigate a new side
>> channel attack.
>>
>> Noteworthy changes in version 1.6.5
>> ===================================
>>
>> * Mitigate side-channel attack on ECDH with Weierstrass curves
>> [CVE-2015-7511]. See http://www.cs.tau.ac.IL/~tromer/ecdh/ for
>> details.
>>
>> * Fix build problem on Solaris.
>
> Here's a patch. It seems to build fine.
>
> From f45b192c0e648fea95a98d681d8ecdff3dc15bdb Mon Sep 17 00:00:00 2001
> From: Christopher Allan Webber <cwebber@dustycloud.org>
> Date: Tue, 9 Feb 2016 11:49:06 -0800
> Subject: [PATCH] gnu: libgcrypt: Update to 1.6.5.
>
> * gnu/packages/gnupg.scm (libgcrypt): Update to 1.6.5.
Thank you! The summary line should include the CVE, like this:
gnu: libgcrypt: Update to 1.6.5 [fixes CVE-2015-7511].
Alas, this will require at least 7000 rebuilds. After the current
'security-updates' branch is merged, this should go on the next
'security-updates' branch, together with more fixes for graphite2 and
libsndfile.
Mark
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update)
2016-02-09 20:15 ` Mark H Weaver
@ 2016-02-09 20:31 ` Christopher Allan Webber
2016-02-10 14:46 ` Andreas Enge
1 sibling, 0 replies; 11+ messages in thread
From: Christopher Allan Webber @ 2016-02-09 20:31 UTC (permalink / raw)
To: Mark H Weaver; +Cc: guix-devel
[-- Attachment #1: Type: text/plain, Size: 1754 bytes --]
Mark H Weaver writes:
> Hi Chris,
>
> Christopher Allan Webber <cwebber@dustycloud.org> writes:
>
>> Hello all,
>>
>> New security release of libgcrypt:
>>
>>> Hello!
>>>
>>> The GNU project is pleased to announce the availability of Libgcrypt
>>> version 1.6.5. This is a security fix release to mitigate a new side
>>> channel attack.
>>>
>>> Noteworthy changes in version 1.6.5
>>> ===================================
>>>
>>> * Mitigate side-channel attack on ECDH with Weierstrass curves
>>> [CVE-2015-7511]. See http://www.cs.tau.ac.IL/~tromer/ecdh/ for
>>> details.
>>>
>>> * Fix build problem on Solaris.
>>
>> Here's a patch. It seems to build fine.
>>
>> From f45b192c0e648fea95a98d681d8ecdff3dc15bdb Mon Sep 17 00:00:00 2001
>> From: Christopher Allan Webber <cwebber@dustycloud.org>
>> Date: Tue, 9 Feb 2016 11:49:06 -0800
>> Subject: [PATCH] gnu: libgcrypt: Update to 1.6.5.
>>
>> * gnu/packages/gnupg.scm (libgcrypt): Update to 1.6.5.
>
> Thank you! The summary line should include the CVE, like this:
>
> gnu: libgcrypt: Update to 1.6.5 [fixes CVE-2015-7511].
Okay! I wasn't aware of that convention.
> Alas, this will require at least 7000 rebuilds. After the current
> 'security-updates' branch is merged, this should go on the next
> 'security-updates' branch, together with more fixes for graphite2 and
> libsndfile.
Yes it's unfortunate... it seems like security researchers are upping
their game in the post-heartbleed world (whatever that means)? I guess
that's good... better good security researchers do this stuff than some
other unspecified groups... but kind of a headache here? :)
Anyway, new patch! I don't know what to do about the security-updates
branch so I'll let you apply/push it.
- Chris
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-gnu-libgcrypt-Update-to-1.6.5-fixes-CVE-2015-7511.patch --]
[-- Type: text/x-patch, Size: 1192 bytes --]
From 6fec07507956efd6f7055d37d268c97ca5771d8c Mon Sep 17 00:00:00 2001
From: Christopher Allan Webber <cwebber@dustycloud.org>
Date: Tue, 9 Feb 2016 11:49:06 -0800
Subject: [PATCH] gnu: libgcrypt: Update to 1.6.5 [fixes CVE-2015-7511].
* gnu/packages/gnupg.scm (libgcrypt): Update to 1.6.5.
---
gnu/packages/gnupg.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index a35e8fc..608c437 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -70,14 +70,14 @@ Daemon and possibly more in the future.")
(define-public libgcrypt
(package
(name "libgcrypt")
- (version "1.6.4")
+ (version "1.6.5")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
version ".tar.bz2"))
(sha256
(base32
- "09k06gs27gxfha07sa9rpf4xh6mvphj9sky7n09ymx75w9zjrg69"))))
+ "0959mwfzsxhallxdqlw359xg180ll2skxwyy35qawmfl89cbr7pl"))))
(build-system gnu-build-system)
(propagated-inputs
`(("libgpg-error-host" ,libgpg-error)))
--
2.6.3
^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update)
2016-02-09 20:15 ` Mark H Weaver
2016-02-09 20:31 ` Christopher Allan Webber
@ 2016-02-10 14:46 ` Andreas Enge
2016-02-10 16:53 ` wip-pulseaudio (was Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update)) Efraim Flashner
2016-02-10 20:46 ` [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update) Mark H Weaver
1 sibling, 2 replies; 11+ messages in thread
From: Andreas Enge @ 2016-02-10 14:46 UTC (permalink / raw)
To: Mark H Weaver; +Cc: guix-devel
Hello,
On Tue, Feb 09, 2016 at 03:15:38PM -0500, Mark H Weaver wrote:
> Alas, this will require at least 7000 rebuilds. After the current
> 'security-updates' branch is merged, this should go on the next
> 'security-updates' branch, together with more fixes for graphite2 and
> libsndfile.
it looks like we are almost there. Do you think we could squeeze in an
evaluation and build of wip-pulseaudio after updating master and rebasing
the wip branch on master?
Andreas
^ permalink raw reply [flat|nested] 11+ messages in thread
* wip-pulseaudio (was Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update))
2016-02-10 14:46 ` Andreas Enge
@ 2016-02-10 16:53 ` Efraim Flashner
2016-02-10 18:41 ` Efraim Flashner
2016-02-10 20:46 ` [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update) Mark H Weaver
1 sibling, 1 reply; 11+ messages in thread
From: Efraim Flashner @ 2016-02-10 16:53 UTC (permalink / raw)
To: Andreas Enge; +Cc: guix-devel
[-- Attachment #1: Type: text/plain, Size: 3416 bytes --]
On Wed, 10 Feb 2016 15:46:59 +0100
Andreas Enge <andreas@enge.fr> wrote:
> Hello,
>
> On Tue, Feb 09, 2016 at 03:15:38PM -0500, Mark H Weaver wrote:
> [...]
>
> it looks like we are almost there. Do you think we could squeeze in an
> evaluation and build of wip-pulseaudio after updating master and rebasing
> the wip branch on master?
>
> Andreas
>
I see it's been rebased on origin/master, I'll report back in a bit
efraim@debian-netbook:~/workspace/guix$ time ./pre-inst-env guix build gstreamer gst-plugins-base gst-plugins-good gst-plugins-ugly gst-libav --fallback
;;; note: source file /home/efraim/workspace/guix/gnu/packages/pulseaudio.scm
;;; newer than compiled /home/efraim/workspace/guix/gnu/packages/pulseaudio.go
guix build: warning: failed to load '(efraim packages go-hello)':
ERROR: no code for module (guix build-system golang)
substitute: warning: failed to install locale: Invalid argument
substitute: updating list of substitutes from 'http://hydra.gnu.org'... 100.0%
The following derivations will be built:
/gnu/store/qsg8g97ilakkj7hrvb7ywgqlapvx64bs-gst-libav-1.6.1.drv
/gnu/store/j1z8qp0crifmgzfsrp9jg7p319xixp4m-gst-plugins-ugly-1.6.1.drv
/gnu/store/xw15fnvzii6vwcr0dzgvhmy9b8w3cml7-gst-plugins-good-1.6.1.drv
/gnu/store/6z864wqna3jklpwgb8haww7ycx5z60g7-openal-1.15.1.drv
/gnu/store/gnkcv491lbw47rm491jf92d2f0496al0-ffmpeg-2.8.6.drv
The following files will be downloaded:
/gnu/store/6y9i8v9lpmg286q63l72zz77pi1c91z2-gstreamer-1.6.1
/gnu/store/2ka19awqsy3a0kz7x0n8826f5p4balgl-gstreamer-1.6.1-doc
/gnu/store/sqbjqrszg8v4bb5qyxb5hivd9m34wpsg-gst-plugins-base-1.6.1
/gnu/store/x1jx9xj6c9xfqa8hhgsk1sz6ily1snik-gst-plugins-base-1.6.1-doc
/gnu/store/mppcj72lhdn7zaffakyrpzgjdm6fvkjj-gst-plugins-good-1.6.1.tar.xz
/gnu/store/6rg1a6zh5h1clnf3ss8x2sy5178mbg3k-cairo-1.14.2
/gnu/store/yv59gw65pypy6xjbb84p6aajk290rxy2-gdk-pixbuf-2.32.3
/gnu/store/h8qmk26qppjlwwcvqk7hii6m5g03snxn-libcaca-0.99.beta19
/gnu/store/sy9xwmlbzsbwbbcmd08nbg78n6kqm8jj-libsoup-2.52.1
/gnu/store/yjnwwk25pif432gvwvqr33slwgb3f8gg-taglib-1.9.1
/gnu/store/ar79y0mc7p6zrj2c0ilq8xrig1rpvnja-gst-plugins-ugly-1.6.1.tar.xz
/gnu/store/82s25lxd0gfd4sqqsbv0p8vvxg948jmm-cmake-3.3.2
/gnu/store/38cbna95gfyif3dyx2k8gds4h5fbv905-libquvi-0.4.1
/gnu/store/pkbjdqk08ipjc3aabkvq15k8x77a2gs1-gnutls-3.4.7
/gnu/store/rdi8195mysf340rm54xqjmxpl1qjq1wb-nettle-3.2
/gnu/store/l04g809qjv9kfi3m1j42228n59jd7d0c-harfbuzz-1.0.6
/gnu/store/7wrxicspxl4kz26vc5sbip0riqyq8hq6-libass-0.13.1
/gnu/store/jpv3s592q5mrm596b9l8gzraclsmbi3g-graphite2-1.3.3
/gnu/store/6m2li0x1f0ihvc36m4fwilmxa3bl3j88-soxr-0.1.1
/gnu/store/8qwh8yk93p9nxbi2h5xahg0qjqxc9093-openldap-2.4.42
/gnu/store/absyflwdck42kvs46196r54fjzvy9nsm-curl-7.47.0
/gnu/store/ih5c39iibk2vqc717hbza4dqyxn1r2pa-shishi-1.0.2
/gnu/store/mzkfj4vk1vfa3np2m7pm8h6q8z66f6ii-gss-1.0.3
/gnu/store/vm7sx64bg8y343x83pww16fhigbngx8d-cyrus-sasl-2.1.26
/gnu/store/1x6y9iby8krgskri5cdkdg8qk9yzkp03-libarchive-3.1.2
/gnu/store/x3jlzwsn2xj0zwa1bfcj7lqv2b3mn70j-freeglut-3.0.0
/gnu/store/29k39pj0cw9i2vzj59kbys8qmvhw2lby-pango-1.38.1
--
Efraim Flashner <efraim@flashner.co.il> אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: wip-pulseaudio (was Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update))
2016-02-10 16:53 ` wip-pulseaudio (was Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update)) Efraim Flashner
@ 2016-02-10 18:41 ` Efraim Flashner
2016-02-10 18:55 ` Andreas Enge
2016-02-10 20:43 ` Andreas Enge
0 siblings, 2 replies; 11+ messages in thread
From: Efraim Flashner @ 2016-02-10 18:41 UTC (permalink / raw)
To: Andreas Enge; +Cc: guix-devel
[-- Attachment #1: Type: text/plain, Size: 3509 bytes --]
On Wed, 10 Feb 2016 18:53:50 +0200
Efraim Flashner <efraim@flashner.co.il> wrote:
> On Wed, 10 Feb 2016 15:46:59 +0100
> Andreas Enge <andreas@enge.fr> wrote:
>
> [...]
>
> I see it's been rebased on origin/master, I'll report back in a bit
>
> efraim@debian-netbook:~/workspace/guix$ time ./pre-inst-env guix build gstreamer gst-plugins-base gst-plugins-good gst-plugins-ugly gst-libav --fallback
> ;;; note: source file /home/efraim/workspace/guix/gnu/packages/pulseaudio.scm
> ;;; newer than compiled /home/efraim/workspace/guix/gnu/packages/pulseaudio.go
> guix build: warning: failed to load '(efraim packages go-hello)':
> ERROR: no code for module (guix build-system golang)
> substitute: warning: failed to install locale: Invalid argument
> substitute: updating list of substitutes from 'http://hydra.gnu.org'... 100.0%
> The following derivations will be built:
> /gnu/store/qsg8g97ilakkj7hrvb7ywgqlapvx64bs-gst-libav-1.6.1.drv
> /gnu/store/j1z8qp0crifmgzfsrp9jg7p319xixp4m-gst-plugins-ugly-1.6.1.drv
> /gnu/store/xw15fnvzii6vwcr0dzgvhmy9b8w3cml7-gst-plugins-good-1.6.1.drv
> /gnu/store/6z864wqna3jklpwgb8haww7ycx5z60g7-openal-1.15.1.drv
> /gnu/store/gnkcv491lbw47rm491jf92d2f0496al0-ffmpeg-2.8.6.drv
> The following files will be downloaded:
> /gnu/store/6y9i8v9lpmg286q63l72zz77pi1c91z2-gstreamer-1.6.1
> /gnu/store/2ka19awqsy3a0kz7x0n8826f5p4balgl-gstreamer-1.6.1-doc
> /gnu/store/sqbjqrszg8v4bb5qyxb5hivd9m34wpsg-gst-plugins-base-1.6.1
> /gnu/store/x1jx9xj6c9xfqa8hhgsk1sz6ily1snik-gst-plugins-base-1.6.1-doc
> /gnu/store/mppcj72lhdn7zaffakyrpzgjdm6fvkjj-gst-plugins-good-1.6.1.tar.xz
> /gnu/store/6rg1a6zh5h1clnf3ss8x2sy5178mbg3k-cairo-1.14.2
> /gnu/store/yv59gw65pypy6xjbb84p6aajk290rxy2-gdk-pixbuf-2.32.3
> /gnu/store/h8qmk26qppjlwwcvqk7hii6m5g03snxn-libcaca-0.99.beta19
> /gnu/store/sy9xwmlbzsbwbbcmd08nbg78n6kqm8jj-libsoup-2.52.1
> /gnu/store/yjnwwk25pif432gvwvqr33slwgb3f8gg-taglib-1.9.1
> /gnu/store/ar79y0mc7p6zrj2c0ilq8xrig1rpvnja-gst-plugins-ugly-1.6.1.tar.xz
> /gnu/store/82s25lxd0gfd4sqqsbv0p8vvxg948jmm-cmake-3.3.2
> /gnu/store/38cbna95gfyif3dyx2k8gds4h5fbv905-libquvi-0.4.1
> /gnu/store/pkbjdqk08ipjc3aabkvq15k8x77a2gs1-gnutls-3.4.7
> /gnu/store/rdi8195mysf340rm54xqjmxpl1qjq1wb-nettle-3.2
> /gnu/store/l04g809qjv9kfi3m1j42228n59jd7d0c-harfbuzz-1.0.6
> /gnu/store/7wrxicspxl4kz26vc5sbip0riqyq8hq6-libass-0.13.1
> /gnu/store/jpv3s592q5mrm596b9l8gzraclsmbi3g-graphite2-1.3.3
> /gnu/store/6m2li0x1f0ihvc36m4fwilmxa3bl3j88-soxr-0.1.1
> /gnu/store/8qwh8yk93p9nxbi2h5xahg0qjqxc9093-openldap-2.4.42
> /gnu/store/absyflwdck42kvs46196r54fjzvy9nsm-curl-7.47.0
> /gnu/store/ih5c39iibk2vqc717hbza4dqyxn1r2pa-shishi-1.0.2
> /gnu/store/mzkfj4vk1vfa3np2m7pm8h6q8z66f6ii-gss-1.0.3
> /gnu/store/vm7sx64bg8y343x83pww16fhigbngx8d-cyrus-sasl-2.1.26
> /gnu/store/1x6y9iby8krgskri5cdkdg8qk9yzkp03-libarchive-3.1.2
> /gnu/store/x3jlzwsn2xj0zwa1bfcj7lqv2b3mn70j-freeglut-3.0.0
> /gnu/store/29k39pj0cw9i2vzj59kbys8qmvhw2lby-pango-1.38.1
>
gst-plugins-good failed the test suite again, with 1 failed test:
FAIL: elements/splitmux
ran it two other times and had 2 failed tests:
FAIL: elements/splitmux
FAIL: elements/rtprtx
--
Efraim Flashner <efraim@flashner.co.il> אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: wip-pulseaudio (was Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update))
2016-02-10 18:41 ` Efraim Flashner
@ 2016-02-10 18:55 ` Andreas Enge
2016-02-10 20:43 ` Andreas Enge
1 sibling, 0 replies; 11+ messages in thread
From: Andreas Enge @ 2016-02-10 18:55 UTC (permalink / raw)
To: Efraim Flashner; +Cc: guix-devel
On Wed, Feb 10, 2016 at 08:41:10PM +0200, Efraim Flashner wrote:
> gst-plugins-good failed the test suite again, with 1 failed test:
> FAIL: elements/splitmux
> ran it two other times and had 2 failed tests:
> FAIL: elements/splitmux
> FAIL: elements/rtprtx
This is strange; before that, it worked unless libvpx was also updated.
I will give it another try here.
Andreas
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: wip-pulseaudio (was Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update))
2016-02-10 18:41 ` Efraim Flashner
2016-02-10 18:55 ` Andreas Enge
@ 2016-02-10 20:43 ` Andreas Enge
1 sibling, 0 replies; 11+ messages in thread
From: Andreas Enge @ 2016-02-10 20:43 UTC (permalink / raw)
To: Efraim Flashner; +Cc: guix-devel
On Wed, Feb 10, 2016 at 08:41:10PM +0200, Efraim Flashner wrote:
> gst-plugins-good failed the test suite again, with 1 failed test:
> FAIL: elements/splitmux
> ran it two other times and had 2 failed tests:
> FAIL: elements/splitmux
> FAIL: elements/rtprtx
I tried it again, and it passes its tests. Let us wait and see what will
happen on hydra.
Andreas
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update)
2016-02-10 14:46 ` Andreas Enge
2016-02-10 16:53 ` wip-pulseaudio (was Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update)) Efraim Flashner
@ 2016-02-10 20:46 ` Mark H Weaver
2016-02-10 20:56 ` Andreas Enge
1 sibling, 1 reply; 11+ messages in thread
From: Mark H Weaver @ 2016-02-10 20:46 UTC (permalink / raw)
To: Andreas Enge; +Cc: guix-devel
Andreas Enge <andreas@enge.fr> writes:
> Hello,
>
> On Tue, Feb 09, 2016 at 03:15:38PM -0500, Mark H Weaver wrote:
>> Alas, this will require at least 7000 rebuilds. After the current
>> 'security-updates' branch is merged, this should go on the next
>> 'security-updates' branch, together with more fixes for graphite2 and
>> libsndfile.
>
> it looks like we are almost there. Do you think we could squeeze in an
> evaluation and build of wip-pulseaudio after updating master and rebasing
> the wip branch on master?
I'm reluctant to delay a critical security update like this, which
apparently allows a compromised web site to perform remote code
execution in our graphical web browsers. I, for one, am running
text-only for now, and am impatient to return back to the modern era.
What's the nature of the pulseaudio update? Why is it important?
What do other people think?
Mark
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update)
2016-02-10 20:46 ` [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update) Mark H Weaver
@ 2016-02-10 20:56 ` Andreas Enge
2016-02-11 9:52 ` Ludovic Courtès
0 siblings, 1 reply; 11+ messages in thread
From: Andreas Enge @ 2016-02-10 20:56 UTC (permalink / raw)
To: Mark H Weaver; +Cc: guix-devel
On Wed, Feb 10, 2016 at 03:46:03PM -0500, Mark H Weaver wrote:
> What's the nature of the pulseaudio update? Why is it important?
It is not particularly important, I would say. I am just growing impatient,
we seem to be blocked by security-updates and core-updates more or less
since the beginning of December. This is all part of the gstreamer update
that we are postponing for about three weeks now.
Hooray for a new hydra!
Andreas
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update)
2016-02-10 20:56 ` Andreas Enge
@ 2016-02-11 9:52 ` Ludovic Courtès
0 siblings, 0 replies; 11+ messages in thread
From: Ludovic Courtès @ 2016-02-11 9:52 UTC (permalink / raw)
To: Andreas Enge; +Cc: guix-devel
Andreas Enge <andreas@enge.fr> skribis:
> On Wed, Feb 10, 2016 at 03:46:03PM -0500, Mark H Weaver wrote:
>> What's the nature of the pulseaudio update? Why is it important?
>
> It is not particularly important, I would say. I am just growing impatient,
Of course having Hydra stuck building security updates is a bit
frustrating when we’d all want to have fun with the cutting edge stuff…
but I think it’s important nonetheless. So I’m all for having the
Graphite fix take precedence over the rest.
But really, we should fix <http://bugs.gnu.org/22139>. That would give
us some breathing room.
Ludo’.
^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2016-02-11 9:52 UTC | newest]
Thread overview: 11+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-02-09 19:52 [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update) Christopher Allan Webber
2016-02-09 20:15 ` Mark H Weaver
2016-02-09 20:31 ` Christopher Allan Webber
2016-02-10 14:46 ` Andreas Enge
2016-02-10 16:53 ` wip-pulseaudio (was Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update)) Efraim Flashner
2016-02-10 18:41 ` Efraim Flashner
2016-02-10 18:55 ` Andreas Enge
2016-02-10 20:43 ` Andreas Enge
2016-02-10 20:46 ` [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update) Mark H Weaver
2016-02-10 20:56 ` Andreas Enge
2016-02-11 9:52 ` Ludovic Courtès
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).