From: Ricardo Wurmus <rekado@elephly.net>
To: Leo Famulari <leo@famulari.name>
Cc: guix-devel@gnu.org
Subject: Re: Switching to Artifex Ghostscript
Date: Mon, 29 May 2017 20:38:58 +0200 [thread overview]
Message-ID: <874lw3ik3h.fsf@elephly.net> (raw)
In-Reply-To: <20170529175013.GA13897@jasmine>
Leo Famulari <leo@famulari.name> writes:
> Here are patches that allow you build groff, cairo, and cups with the
> Artifex Ghostscript.
Woo!
> + (patches (search-patches "artifex-ghostscript-runpath.patch"
> + ;; TODO:
> + ;;"ghostscript-CVE-2017-8291.patch"
> + ))
What’s up with this? Is the latest release of Artifex Ghostscript
vulnerable?
> + (modules '((guix build utils)))
> + (snippet
> + ;; Remove bundled libraries.
> + ;; TODO Try unbundling ijs, which is developed alongside Ghostscript.
> + '(begin
> + (for-each delete-file-recursively '("freetype" "jbig2dec" "jpeg"
> + "lcms2" "libpng"
> + ;;"openjpeg" ; Patched fork.
> + "tiff" "zlib"))))))
Excellent!
> + (replace 'build
> + (lambda _
> + ;; Build 'libgs.so', but don't build the statically-linked 'gs'
> + ;; binary (saves 22 MiB).
> + (zero? (system* "make" "so" "-j"
> + (number->string
> (parallel-job-count))))))
Couldn’t we just add “#:make-flags '("so")” and avoid replacing the
build phase?
> From 8ee8b63f35909ca1b9cfd89552f08e22f28b5d10 Mon Sep 17 00:00:00 2001
> From: Leo Famulari <leo@famulari.name>
> Date: Mon, 29 May 2017 04:42:37 -0400
> Subject: [PATCH 2/3] gnu: ijs: Use modify-phases syntax.
>
> * gnu/packages/ghostscript.scm (ijs)[arguments]: Use modify-phases.
OK!
> From 35a515a7d2bbd95a45fde81b31201bd48a7e7588 Mon Sep 17 00:00:00 2001
> From: Leo Famulari <leo@famulari.name>
> Date: Mon, 29 May 2017 04:43:21 -0400
> Subject: [PATCH 3/3] gnu: ijs: Update to 9.21.0 and switch to Artifex
> Ghostscript source.
>
> * gnu/packages/ghostscript.scm (ijs): Update to 9.21.0.
> [source, version, home-page]: Inherit from artifex-ghostscript.
> ---
LGTM! Thank you!
--
Ricardo
GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC
https://elephly.net
next prev parent reply other threads:[~2017-05-29 18:39 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-20 20:55 Switching to Artifex Ghostscript Leo Famulari
2017-05-20 21:53 ` Marius Bakke
2017-05-21 13:06 ` Ricardo Wurmus
2017-05-23 17:39 ` Leo Famulari
2017-05-26 12:02 ` Ricardo Wurmus
2017-05-23 20:42 ` Ludovic Courtès
2017-05-29 17:50 ` Leo Famulari
2017-05-29 18:33 ` Leo Famulari
2017-05-29 18:38 ` Ricardo Wurmus [this message]
2017-05-29 20:47 ` Leo Famulari
2017-05-29 22:14 ` Leo Famulari
2017-06-02 16:26 ` Leo Famulari
2017-06-02 18:16 ` Leo Famulari
2017-06-03 13:55 ` Ludovic Courtès
2017-05-29 23:22 ` Mark H Weaver
2017-05-30 4:40 ` Leo Famulari
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=874lw3ik3h.fsf@elephly.net \
--to=rekado@elephly.net \
--cc=guix-devel@gnu.org \
--cc=leo@famulari.name \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).