From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Famulari Subject: Re: [PATCH] gnu: wpa-supplicant: Update to 2.6. Date: Sun, 9 Oct 2016 17:44:17 -0400 Message-ID: <20161009214417.GA18927@jasmine> References: <87shs9wxfq.fsf@guixsd.i-did-not-set--mail-host-address--so-tickle-me> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:55461) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1btLtc-0002V4-DW for guix-devel@gnu.org; Sun, 09 Oct 2016 17:44:37 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1btLtX-0004he-QO for guix-devel@gnu.org; Sun, 09 Oct 2016 17:44:35 -0400 Received: from out5-smtp.messagingengine.com ([66.111.4.29]:38939) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1btLtV-0004eX-Ru for guix-devel@gnu.org; Sun, 09 Oct 2016 17:44:31 -0400 Content-Disposition: inline In-Reply-To: <87shs9wxfq.fsf@guixsd.i-did-not-set--mail-host-address--so-tickle-me> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Marius Bakke Cc: guix-devel@gnu.org On Thu, Oct 06, 2016 at 12:04:25PM +0100, Marius Bakke wrote: > None of the patches applied, so I assume they are upstream. To check if the patches are in the 2.6 release, I cloned the Git repo and used `git describe --contains`. The patches helpfully include the Git commit hash, so that commit can be passed to `git describe --contains`. So, for 'wpa-supplicant-CVE-2016-4477-pt4.patch': $ git describe --contains 2a3f56502b52375c3bf113cf92adfa99bad6b488 hostap_2_6~513 So, we see that the commit is reachable from the 2.6 release tag, 513 commits in the past. I think it's a reasonable to assume that upstream releases correspond to the Git tags. I did that for all the patches. I don't think it's enough that the patches don't apply; there could have been incompatible code changes that prevent their application but did not fix the bugs. > Tested locally. Please push if it's good. > > From 28a85174650e5602364290f9b7d1259f4148bcf1 Mon Sep 17 00:00:00 2001 > From: Marius Bakke > Date: Wed, 5 Oct 2016 04:08:46 +0100 > Subject: [PATCH] gnu: wpa-supplicant: Update to 2.6. > > * gnu/packages/admin.scm (wpa-supplicant-minimal)[source]: Update to > 2.6. Remove 'patches' field. > * gnu/packages/patches/wpa-supplicant-CVE-2015-5310.patch, > gnu/packages/patches/wpa-supplicant-CVE-2015-5314.patch, > gnu/packages/patches/wpa-supplicant-CVE-2015-5315.patch, > gnu/packages/patches/wpa-supplicant-CVE-2015-5316.patch, > gnu/packages/patches/wpa-supplicant-CVE-2016-4476.patch, > gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt1.patch, > gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt2.patch, > gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt3.patch, > gnu/packages/patches/wpa-supplicant-CVE-2016-4477-pt4.patch: Delete > files. > * gnu/local.mk (dist_patch_DATA): Remove them. Works for me, thanks! Pushed as fc0081213d612dc0b4f5f90d5b775704511a7432