unofficial mirror of guix-devel@gnu.org 
 help / color / mirror / code / Atom feed
* GNOME 3.34 in GNU Guix and security
@ 2021-03-11  3:19 Léo Le Bouter
  2021-03-11  8:08 ` Ricardo Wurmus
  2021-03-11  8:18 ` Mark H Weaver
  0 siblings, 2 replies; 11+ messages in thread
From: Léo Le Bouter @ 2021-03-11  3:19 UTC (permalink / raw)
  To: guix-devel

[-- Attachment #1: Type: text/plain, Size: 454 bytes --]

Hello!

I must come to the conclusion that using GNOME 3.34 in GNU Guix right
now is just straight out insecure. I would advise we either, get rid of
GNOME, backport all individual security patches (they can be
numerous..), or upgrade GNOME to latest and keep up over time.

I don't think we can afford to spend time backporting security fixes to
the numerous GNOME packages with CVEs, not with current resources, it
is time-consuming.

Léo

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 11+ messages in thread

end of thread, other threads:[~2021-03-19  9:14 UTC | newest]

Thread overview: 11+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-03-11  3:19 GNOME 3.34 in GNU Guix and security Léo Le Bouter
2021-03-11  8:08 ` Ricardo Wurmus
2021-03-11  8:23   ` Raghav Gururajan
2021-03-11  9:11     ` Ricardo Wurmus
2021-03-11  9:17       ` Raghav Gururajan
2021-03-18 21:32     ` Danny Milosavljevic
2021-03-19  0:10       ` Ricardo Wurmus
2021-03-19  9:13       ` Guillaume Le Vaillant
2021-03-11  8:24   ` Jonathan Brielmaier
2021-03-11  8:18 ` Mark H Weaver
2021-03-11  8:28   ` Léo Le Bouter

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).