From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id UEYuIgE82GP4eQAAbAwnHQ (envelope-from ) for ; Mon, 30 Jan 2023 22:52:01 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id 8MVLIQE82GOCXAEAG6o9tA (envelope-from ) for ; Mon, 30 Jan 2023 22:52:01 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 5746742B4A for ; Mon, 30 Jan 2023 22:52:01 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pMc3S-0007xH-A0; Mon, 30 Jan 2023 16:51:10 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pMc3P-0007iR-Bz for guix-devel@gnu.org; Mon, 30 Jan 2023 16:51:07 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pMc3O-0006I0-MC; Mon, 30 Jan 2023 16:51:06 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To: From; bh=fJbChj81e81jBWLL1+J4shfs7lpwK0flaO/oR7B+Rc4=; b=W0BMi3V0mAs2TlEChBeF zQ41291W6HkklUd/zseLMWapQZsN5IDufN96huzv4+LRK+rG1K4RIlfUoO2nnpVm+UdC81asfuXf+ +zaCP+a0O1lqGzf3GbJUOxIayJPyxdHDAwe0zAt7Q3eq1GFcbA6ZKDXlCBVtZDv9kUtBpVUSe4ns0 IYIW4VmTi0F98LpXFfNxFkGy556fJ/fTjcRzJiV+GYAro5vUi/flpy93w+BcXWrNMgAbMkf5Z/LZM WoryYL08qZ7+PireyZiA+wjBqpsievT04TECQ6qxHln6CwpNCFac2T7bMavSdHNVetIxpueRPnBFi rEm8nxzrWRSVQg==; Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201] helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pMc3N-0006Cy-Uq; Mon, 30 Jan 2023 16:51:06 -0500 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: Jack Hill Cc: guix-devel@gnu.org Subject: Re: purpose of GnuTLS versions References: X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: Primidi 11 =?utf-8?Q?Pluvi=C3=B4se?= an 231 de la =?utf-8?Q?R=C3=A9volution=2C?= jour de =?utf-8?Q?l'Ell=C3=A9bore?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Mon, 30 Jan 2023 22:51:03 +0100 In-Reply-To: (Jack Hill's message of "Thu, 26 Jan 2023 00:12:56 -0500 (EST)") Message-ID: <87cz6vy9mg.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: guix-devel-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN ARC-Seal: i=1; s=key1; d=yhetil.org; t=1675115521; a=rsa-sha256; cv=none; b=BaFt43k/dU5BjmZxcNGMIOQqGV2epIMGHGEuTiCDjXr1X8LL+AHI2w8KpZIarP6MRDW2xm 6/x69PMgYr3WlSREaRFKCIC1uXnsWtbnyLbRSHYkespbwQVmbj+CvuuXOTrKDZaQaz4TVV TxuVh0d0IamM+sW0WG2NQ/NGHw1dT/YwJbkw71+9OkZllViSBOrlK9oPiCQ6Brew6jt+87 Yg+JGzmEwFYov6+qSiuBXvuUtSnW+Ttm5fruU2CgwxP+SqowfV97XR1UhUqkcPYltCtQ4h +QwyaSeWCsUAPgGp15QDzZaPcbNC6O0vAhtGkCnVylsph1GXefc7RQmWS9hB3A== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gnu.org header.s=fencepost-gnu-org header.b=W0BMi3V0; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gnu.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1675115521; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=fJbChj81e81jBWLL1+J4shfs7lpwK0flaO/oR7B+Rc4=; b=frfoXha9ZdT+FQ5U6ExdDYa1Sfnr/PyWTDf3zCutRXMO+H00ySmlg5N4O++jtVJVkxMp1o pDQzm8p46yP9HtbBE7jTQRY1vfi0diLgwIKxcBbU7asvX/eMDVVyhuAAWJ613KVwHbOUL7 EF5l+WnLE9N1wV/i866uBAGwlz1QD1IOoOfrYCGHC7/timOCII/dRsWXqfGPaCRpu/ntUN tKfUA1c4Yk74mRvYiVgyvBuD69UOkF3Xtz51fE4oC73D3YKcNR85G5jrxtZOZodGFXp+c0 ILjUO2uFkYa9AYHI1ZTHHJddw5SuBTMcsSQBE4pzbh5rdG6/jLZBQrfEGwGZTA== Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gnu.org header.s=fencepost-gnu-org header.b=W0BMi3V0; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gnu.org X-Migadu-Scanner: scn1.migadu.com X-Migadu-Spam-Score: -6.06 X-Spam-Score: -6.06 X-Migadu-Queue-Id: 5746742B4A X-TUID: i+y3SoJclOOY Hi Jack, Jack Hill skribis: > We currently have two versions of GnuTLS packaged: 3.7.2 represented > by the `gnutls` variable and 3.7.7 represented by the `gnutls-latest` > variable. `guix refresh -l` reports that changes to the 3.7.2 version > would cause 14770 rebuilds, but only 30 rebuilds for the 3.7.7 > version. As far as I can tell, neither version currently has a > replacement (graft). =E2=80=98gnutls-latest=E2=80=99 was initially added to provide up-to-date G= uile bindings, since Guile bindings were part of GnuTLS. Since a couple of months ago, Guile bindings live in a separate repo, but the new =E2=80=98guile-gnutls=E2=80=99 package depends on =E2=80=98gnut= ls-latest=E2=80=99, which no longer depends on Guile (whereas =E2=80=98gnutls=E2=80=99 still depends on = Guile). > It seems to me that the `gnutls` variable should refer to the latest > "stable" release, and the `gnutls-latest` variable to latest "next" > release. Does that make sense? What am I missing? As Simon pointed out, that=E2=80=99s for =E2=80=98core-updates=E2=80=99. > It appears that 3.7.2 has some unpatched advisories [2]. Ouch, then we probably need a =E2=80=98replacement=E2=80=99. Would you lik= e to give it a try? Thanks for the heads-up! Ludo=E2=80=99.