* Re: 01/01: gnu: glibc/linux: Add patches for CVE-2017-1000366. [not found] ` <20170629200450.E946620FFF@vcs0.savannah.gnu.org> @ 2017-06-30 15:31 ` Mark H Weaver 2017-07-01 4:08 ` Mark H Weaver 2017-07-01 15:59 ` Ludovic Courtès 0 siblings, 2 replies; 9+ messages in thread From: Mark H Weaver @ 2017-06-30 15:31 UTC (permalink / raw) To: Ludovic Courtès; +Cc: guix-devel Hi Ludovic, ludo@gnu.org (Ludovic Courtès) writes: > civodul pushed a commit to branch core-updates > in repository guix. > > commit 503a4df904b8d4b82caebdb17db9c5f76a952418 > Author: Ludovic Courtès <ludo@gnu.org> > Date: Thu Jun 29 12:53:14 2017 +0200 > > gnu: glibc/linux: Add patches for CVE-2017-1000366. > > * gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch, > gnu/packages/patches/glibc-CVE-2017-1000366-pt2.patch, > gnu/packages/patches/glibc-CVE-2017-1000366-pt3.patch: New files. > * gnu/local.mk (dist_patch_DATA): Add them. > * gnu/packages/base.scm (glibc/linux)[source](patches): Add them. > [replacement]: Remove. > (glibc-2.25-patched): Remove. > (glibc-2.24, glibc-2.23, glibc-2.22, glibc-2.21) > (glibc-locales): Remove 'replacement' field. Why did you remove the (replacement #f) fields from glibc-2.24, glibc-2.23, glibc-2.22, and glibc-2.21? Keeping the inherited replacements will never do the right thing here, because the inherited replacement will always be for a newer version of glibc. It would be nice to have things arranged in such a way that we can simply add a replacement for 'glibc/linux', when needed. We did that work for CVE-2017-1000366. It would be good not to revert that work, to facilitate future security updates. More generally, I think we need to give more thought to how to handle 'replacement' fields when we inherit packages, in order to do the right thing when the inherited package is grafted. One way is to override (replacement #f). Another is to use the 'package/inherit' macro from (guix packages), which applies the same overrides to the replacement. I can't think of a case where it's proper to leave the 'replacement' unchanged when inheriting a package. What do you think? Mark ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: 01/01: gnu: glibc/linux: Add patches for CVE-2017-1000366. 2017-06-30 15:31 ` 01/01: gnu: glibc/linux: Add patches for CVE-2017-1000366 Mark H Weaver @ 2017-07-01 4:08 ` Mark H Weaver 2017-07-01 15:45 ` Ludovic Courtès 2017-07-01 15:59 ` Ludovic Courtès 1 sibling, 1 reply; 9+ messages in thread From: Mark H Weaver @ 2017-07-01 4:08 UTC (permalink / raw) To: Ludovic Courtès; +Cc: guix-devel Another problem with this commit is that it fails to add "glibc-vectorized-strcspn-guards.patch", so it will fail to build on i686, as described in <https://bugs.gnu.org/27489>. Also, it leaves the 'patches' fields in glibc-2.24, glibc-2.23, glibc-2.22, and glibc-2.21. Those should be removed. I'll fix it up. Mark ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: 01/01: gnu: glibc/linux: Add patches for CVE-2017-1000366. 2017-07-01 4:08 ` Mark H Weaver @ 2017-07-01 15:45 ` Ludovic Courtès 0 siblings, 0 replies; 9+ messages in thread From: Ludovic Courtès @ 2017-07-01 15:45 UTC (permalink / raw) To: Mark H Weaver; +Cc: guix-devel Mark H Weaver <mhw@netris.org> skribis: > Another problem with this commit is that it fails to add > "glibc-vectorized-strcspn-guards.patch", so it will fail to build on > i686, as described in <https://bugs.gnu.org/27489>. Oops, my bad. > Also, it leaves the 'patches' fields in glibc-2.24, glibc-2.23, > glibc-2.22, and glibc-2.21. Those should be removed. > > I'll fix it up. Thank you! Ludo’. ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: 01/01: gnu: glibc/linux: Add patches for CVE-2017-1000366. 2017-06-30 15:31 ` 01/01: gnu: glibc/linux: Add patches for CVE-2017-1000366 Mark H Weaver 2017-07-01 4:08 ` Mark H Weaver @ 2017-07-01 15:59 ` Ludovic Courtès 2017-07-01 17:03 ` Mark H Weaver 2017-07-01 17:28 ` Mark H Weaver 1 sibling, 2 replies; 9+ messages in thread From: Ludovic Courtès @ 2017-07-01 15:59 UTC (permalink / raw) To: Mark H Weaver; +Cc: guix-devel Hi Mark, Mark H Weaver <mhw@netris.org> skribis: > ludo@gnu.org (Ludovic Courtès) writes: > >> civodul pushed a commit to branch core-updates >> in repository guix. >> >> commit 503a4df904b8d4b82caebdb17db9c5f76a952418 >> Author: Ludovic Courtès <ludo@gnu.org> >> Date: Thu Jun 29 12:53:14 2017 +0200 >> >> gnu: glibc/linux: Add patches for CVE-2017-1000366. >> >> * gnu/packages/patches/glibc-CVE-2017-1000366-pt1.patch, >> gnu/packages/patches/glibc-CVE-2017-1000366-pt2.patch, >> gnu/packages/patches/glibc-CVE-2017-1000366-pt3.patch: New files. >> * gnu/local.mk (dist_patch_DATA): Add them. >> * gnu/packages/base.scm (glibc/linux)[source](patches): Add them. >> [replacement]: Remove. >> (glibc-2.25-patched): Remove. >> (glibc-2.24, glibc-2.23, glibc-2.22, glibc-2.21) >> (glibc-locales): Remove 'replacement' field. > > Why did you remove the (replacement #f) fields from glibc-2.24, > glibc-2.23, glibc-2.22, and glibc-2.21? Simply to remove redundant lines. > Keeping the inherited replacements will never do the right thing here, > because the inherited replacement will always be for a newer version > of glibc. > > It would be nice to have things arranged in such a way that we can > simply add a replacement for 'glibc/linux', when needed. We did that > work for CVE-2017-1000366. It would be good not to revert that work, > to facilitate future security updates. OK, I agree. > More generally, I think we need to give more thought to how to handle > 'replacement' fields when we inherit packages, in order to do the right > thing when the inherited package is grafted. One way is to override > (replacement #f). Another is to use the 'package/inherit' macro from > (guix packages), which applies the same overrides to the replacement. > I can't think of a case where it's proper to leave the 'replacement' > unchanged when inheriting a package. > > What do you think? First, we could mark the ‘replacement’ field as “innate”, which means it will never be inherited (like the ‘location’ field.) Like you, I can’t think of a situation where inheriting the replacement makes sense. Then ‘package/inherit’ seems to be doing the rest of the job correctly. The bad thing is that it’s easy to forget to use it. If we’re motivated, we could hack this feature (let’s call it “recursive inheritance”) right into (guix records). Thoughts? Thanks, Ludo’. ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: 01/01: gnu: glibc/linux: Add patches for CVE-2017-1000366. 2017-07-01 15:59 ` Ludovic Courtès @ 2017-07-01 17:03 ` Mark H Weaver 2017-07-01 17:28 ` Mark H Weaver 1 sibling, 0 replies; 9+ messages in thread From: Mark H Weaver @ 2017-07-01 17:03 UTC (permalink / raw) To: Ludovic Courtès; +Cc: guix-devel ludo@gnu.org (Ludovic Courtès) writes: > Mark H Weaver <mhw@netris.org> skribis: > >> More generally, I think we need to give more thought to how to handle >> 'replacement' fields when we inherit packages, in order to do the right >> thing when the inherited package is grafted. One way is to override >> (replacement #f). Another is to use the 'package/inherit' macro from >> (guix packages), which applies the same overrides to the replacement. >> I can't think of a case where it's proper to leave the 'replacement' >> unchanged when inheriting a package. >> >> What do you think? > > First, we could mark the ‘replacement’ field as “innate”, which means it > will never be inherited (like the ‘location’ field.) Like you, I can’t > think of a situation where inheriting the replacement makes sense. > > Then ‘package/inherit’ seems to be doing the rest of the job correctly. > The bad thing is that it’s easy to forget to use it. If we’re > motivated, we could hack this feature (let’s call it “recursive > inheritance”) right into (guix records). > > Thoughts? I've considered this, but I see a problem: when creating the replacement package itself, e.g. 'glibc-2.25-patched' on the 'master' branch, we need to inherit from the original package and *discard* the replacement. If we used 'package/inherit' there, it would lead to an infinite series of replacements. It still might make sense to hack 'package/inherit' into (guix records) as the default behavior, but then we would need a separate mechanism for creating replacements. What do you think? Mark ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: 01/01: gnu: glibc/linux: Add patches for CVE-2017-1000366. 2017-07-01 15:59 ` Ludovic Courtès 2017-07-01 17:03 ` Mark H Weaver @ 2017-07-01 17:28 ` Mark H Weaver 2017-07-03 10:14 ` Ludovic Courtès 1 sibling, 1 reply; 9+ messages in thread From: Mark H Weaver @ 2017-07-01 17:28 UTC (permalink / raw) To: Ludovic Courtès; +Cc: guix-devel ludo@gnu.org (Ludovic Courtès) writes: > First, we could mark the ‘replacement’ field as “innate”, which means it > will never be inherited (like the ‘location’ field.) Like you, I can’t > think of a situation where inheriting the replacement makes sense. I think we should do this. It's not a complete solution, but it would be a step in the right direction. Mark ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: 01/01: gnu: glibc/linux: Add patches for CVE-2017-1000366. 2017-07-01 17:28 ` Mark H Weaver @ 2017-07-03 10:14 ` Ludovic Courtès 2017-07-03 21:54 ` Ludovic Courtès 0 siblings, 1 reply; 9+ messages in thread From: Ludovic Courtès @ 2017-07-03 10:14 UTC (permalink / raw) To: Mark H Weaver; +Cc: guix-devel [-- Attachment #1: Type: text/plain, Size: 2656 bytes --] Hi, Mark H Weaver <mhw@netris.org> skribis: > ludo@gnu.org (Ludovic Courtès) writes: > >> First, we could mark the ‘replacement’ field as “innate”, which means it >> will never be inherited (like the ‘location’ field.) Like you, I can’t >> think of a situation where inheriting the replacement makes sense. > > I think we should do this. It's not a complete solution, but it would > be a step in the right direction. I’ll push the attached patch if that’s fine with you. It has the desired effect: --8<---------------cut here---------------start------------->8--- scheme@(guile-user)> ,use(guix) scheme@(guile-user)> ,use(gnu packages base) scheme@(guile-user)> (package-replacement glibc) $1 = #<package glibc@2.25 gnu/packages/base.scm:906 2f69780> scheme@(guile-user)> (package-replacement glibc-locales) $2 = #f scheme@(guile-user)> (package-replacement glibc-2.24) $3 = #f scheme@(guile-user)> ,optimize (package (inherit glibc) (name "foo")) $4 = (make-struct/no-tail (@@ (guix packages) <package>) "foo" (struct-ref ((@@ (gnu packages base) glibc-for-target)) 1) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 2) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 3) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 4) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 5) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 6) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 7) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 8) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 9) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 10) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 11) (lambda () #f) ; <——— ‘replacement’ field (struct-ref ((@@ (gnu packages base) glibc-for-target)) 13) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 14) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 15) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 16) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 17) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 18) (struct-ref ((@@ (gnu packages base) glibc-for-target)) 19) ((@@ (guix packages) and=>) '((line . 5) (column . 10) (filename . #f)) (@@ (guix packages) source-properties->location))) --8<---------------cut here---------------end--------------->8--- Thanks, Ludo’. [-- Warning: decoded text below may be mangled, UTF-8 assumed --] [-- Attachment #2: the patch --] [-- Type: text/x-patch, Size: 11291 bytes --] From 59c12882e6954b17750c617abddf4997a9bcbfa6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org> Date: Mon, 3 Jul 2017 12:07:23 +0200 Subject: [PATCH] packages: Mark 'replacement' as an "innate" field. Suggested by Mark H Weaver at <https://lists.gnu.org/archive/html/guix-devel/2017-06/msg00355.html>. * guix/packages.scm (<package>)[replacement]: Mark as "innate". * gnu/packages/base.scm (glibc-2.25-patched, glibc-2.24) (glibc-2.23, glibc-2.22, glibc-2.21, glibc-locales): Remove 'replacement' field, which was set to #f. * gnu/packages/commencement.scm (perl-boot0): Likewise. * gnu/packages/fontutils.scm (graphite2/fixed): Likewise. * gnu/packages/ghostscript.scm (ghostscript/fixed): Likewise. * gnu/packages/gnupg.scm (libgcrypt-1.7.8): Likewise. * gnu/packages/guile.scm (guile-2.0/fixed, guile-2.2): Likewise. * gnu/packages/icu4c.scm (icu4c/fixed): Likewise. * gnu/packages/image.scm (libpng-apng): Likewise. * gnu/packages/make-bootstrap.scm (%guile-static): Likewise. * gnu/packages/pcre.scm (pcre/fixed): Likewise. * gnu/packages/perl.scm (perl/fixed): Likewise. * gnu/packages/ruby.scm (ruby-2.3, ruby-2.2, ruby-2.1) (ruby-1.8): Likewise. * gnu/packages/tls.scm (gnutls-3.5.13, gnutls/guile-2.2): Likewise. * gnu/packages/xml.scm (expat-2.2.1): Likewise. --- gnu/packages/base.scm | 6 ------ gnu/packages/commencement.scm | 1 - gnu/packages/fontutils.scm | 1 - gnu/packages/ghostscript.scm | 1 - gnu/packages/gnupg.scm | 2 -- gnu/packages/guile.scm | 4 +--- gnu/packages/icu4c.scm | 1 - gnu/packages/image.scm | 1 - gnu/packages/make-bootstrap.scm | 1 - gnu/packages/pcre.scm | 1 - gnu/packages/perl.scm | 1 - gnu/packages/ruby.scm | 4 ---- gnu/packages/tls.scm | 2 -- gnu/packages/xml.scm | 1 - guix/packages.scm | 5 ++++- 15 files changed, 5 insertions(+), 27 deletions(-) diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm index 979d65795..81f8b3c8d 100644 --- a/gnu/packages/base.scm +++ b/gnu/packages/base.scm @@ -905,7 +905,6 @@ GLIBC/HURD for a Hurd host" (define glibc-2.25-patched (package (inherit glibc) - (replacement #f) (source (origin (inherit (package-source glibc)) (patches (search-patches "glibc-ldd-x86_64.patch" @@ -923,7 +922,6 @@ GLIBC/HURD for a Hurd host" (package (inherit glibc) (version "2.24") - (replacement #f) (source (origin (inherit (package-source glibc)) (uri (string-append "mirror://gnu/glibc/glibc-" @@ -943,7 +941,6 @@ GLIBC/HURD for a Hurd host" (package (inherit glibc) (version "2.23") - (replacement #f) (source (origin (inherit (package-source glibc)) (uri (string-append "mirror://gnu/glibc/glibc-" @@ -963,7 +960,6 @@ GLIBC/HURD for a Hurd host" (package (inherit glibc) (version "2.22") - (replacement #f) (source (origin (inherit (package-source glibc)) (uri (string-append "mirror://gnu/glibc/glibc-" @@ -991,7 +987,6 @@ GLIBC/HURD for a Hurd host" (package (inherit glibc-2.22) (version "2.21") - (replacement #f) (source (origin (inherit (package-source glibc-2.22)) (uri (string-append "mirror://gnu/glibc/glibc-" @@ -1004,7 +999,6 @@ GLIBC/HURD for a Hurd host" (package (inherit glibc) (name "glibc-locales") - (replacement #f) (source (origin (inherit (package-source glibc)) (patches (cons (search-patch "glibc-locales.patch") (origin-patches (package-source glibc)))))) diff --git a/gnu/packages/commencement.scm b/gnu/packages/commencement.scm index 069ffba88..54cf89bf4 100644 --- a/gnu/packages/commencement.scm +++ b/gnu/packages/commencement.scm @@ -294,7 +294,6 @@ (let ((perl (package (inherit perl) (name "perl-boot0") - (replacement #f) (arguments ;; At the very least, this must not depend on GCC & co. (let ((args `(#:disallowed-references diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm index efea81dc1..75736a73d 100644 --- a/gnu/packages/fontutils.scm +++ b/gnu/packages/fontutils.scm @@ -415,7 +415,6 @@ and returns a sequence of positioned glyphids from the font.") (package (inherit graphite2) (name "graphite2") - (replacement #f) (source (origin (method url-fetch) diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm index 1cb651c96..dc5dbcc85 100644 --- a/gnu/packages/ghostscript.scm +++ b/gnu/packages/ghostscript.scm @@ -219,7 +219,6 @@ output file formats and printers.") (define ghostscript/fixed (package (inherit ghostscript) - (replacement #f) (source (origin (inherit (package-source ghostscript)) diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm index 4ddf13dcc..e71ec8dce 100644 --- a/gnu/packages/gnupg.scm +++ b/gnu/packages/gnupg.scm @@ -119,7 +119,6 @@ generation.") (define libgcrypt-1.7.8 (package (inherit libgcrypt) - (replacement #f) (version "1.7.8") (source (origin (method url-fetch) @@ -131,7 +130,6 @@ generation.") (define-public libgcrypt-1.5 (package (inherit libgcrypt) - (replacement #f) (version "1.5.6") (source (origin diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm index 6bff34342..d79094e1e 100644 --- a/gnu/packages/guile.scm +++ b/gnu/packages/guile.scm @@ -217,14 +217,12 @@ without requiring the source code to be rewritten.") ;; in the `base' module, and thus changing it entails a full rebuild. (package (inherit guile-2.0) - (properties '((hidden? . #t))) ;people should install 'guile-2.0' - (replacement #f))) + (properties '((hidden? . #t))))) ;people should install 'guile-2.0' (define-public guile-2.2 (package (inherit guile-2.0) (name "guile") (version "2.2.2") - (replacement #f) (source (origin (method url-fetch) (uri (string-append "mirror://gnu/guile/guile-" version diff --git a/gnu/packages/icu4c.scm b/gnu/packages/icu4c.scm index 3e9652005..224319f84 100644 --- a/gnu/packages/icu4c.scm +++ b/gnu/packages/icu4c.scm @@ -71,7 +71,6 @@ C/C++ part.") (define icu4c/fixed (package (inherit icu4c) - (replacement #f) (source (origin (inherit (package-source icu4c)) (patches diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 504df60fb..8a03cbc3c 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -94,7 +94,6 @@ library. It supports almost all PNG features and is extensible.") (define-public libpng-apng (package (inherit libpng) - (replacement #f) ;libpng's replacement doesn't apply here (name "libpng-apng") (version (package-version libpng)) (arguments diff --git a/gnu/packages/make-bootstrap.scm b/gnu/packages/make-bootstrap.scm index 9efe338a1..844b110eb 100644 --- a/gnu/packages/make-bootstrap.scm +++ b/gnu/packages/make-bootstrap.scm @@ -509,7 +509,6 @@ for `sh' in $PATH, and without nscd, and with static NSS modules." (patches patches))) (guile (package (inherit guile-2.0) (name (string-append (package-name guile-2.0) "-static")) - (replacement #f) (source source) (synopsis "Statically-linked and relocatable Guile") diff --git a/gnu/packages/pcre.scm b/gnu/packages/pcre.scm index 58beab0a9..67a8db1c7 100644 --- a/gnu/packages/pcre.scm +++ b/gnu/packages/pcre.scm @@ -75,7 +75,6 @@ POSIX regular expression API.") (define pcre/fixed (package (inherit pcre) - (replacement #f) (source (origin (inherit (package-source pcre)) (patches (search-patches "pcre-CVE-2017-7186.patch")))))) diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm index 6da4bb13f..6a59e6bf8 100644 --- a/gnu/packages/perl.scm +++ b/gnu/packages/perl.scm @@ -151,7 +151,6 @@ (define perl/fixed (package (inherit perl) - (replacement #f) (source (origin (inherit (package-source perl)) diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm index 7680f4eae..7eba68444 100644 --- a/gnu/packages/ruby.scm +++ b/gnu/packages/ruby.scm @@ -106,7 +106,6 @@ a focus on simplicity and productivity.") (package (inherit ruby) (version "2.3.4") - (replacement #f) (source (origin (method url-fetch) @@ -124,7 +123,6 @@ a focus on simplicity and productivity.") (define-public ruby-2.2 (package (inherit ruby) - (replacement #f) (version "2.2.7") (source (origin @@ -138,7 +136,6 @@ a focus on simplicity and productivity.") (define-public ruby-2.1 (package (inherit ruby) - (replacement #f) (version "2.1.10") (source (origin @@ -172,7 +169,6 @@ a focus on simplicity and productivity.") (define-public ruby-1.8 (package (inherit ruby) - (replacement #f) (version "1.8.7-p374") (source (origin diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 9198bae02..f80f7d3bc 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -222,7 +222,6 @@ required structures.") ;; We use 'D' instead of '13' here to keep the store file name at ;; the same length. See <https://bugs.gnu.org/27308>. (version "3.5.D") - (replacement #f) (source (origin (method url-fetch) (uri @@ -240,7 +239,6 @@ required structures.") ;; GnuTLS for Guile 2.2. This is supported by GnuTLS >= 3.5.5. (package (inherit gnutls) - (replacement #f) (source (package-source gnutls-3.5.13)) (name "guile2.2-gnutls") (arguments diff --git a/gnu/packages/xml.scm b/gnu/packages/xml.scm index 2b471e80d..67d6c8e8d 100644 --- a/gnu/packages/xml.scm +++ b/gnu/packages/xml.scm @@ -79,7 +79,6 @@ things the parser might find in the XML document (like start tags).") (package (inherit expat) (version "2.2.1") - (replacement #f) (source (origin (method url-fetch) (uri (string-append "mirror://sourceforge/expat/expat/" diff --git a/guix/packages.scm b/guix/packages.scm index 464fc433b..f60303404 100644 --- a/guix/packages.scm +++ b/guix/packages.scm @@ -269,8 +269,11 @@ name of its URI." ; inputs (native-search-paths package-native-search-paths (default '())) (search-paths package-search-paths (default '())) + + ;; The 'replacement' field is marked as "innate" because it never makes + ;; sense to inherit a replacement as is. See the 'package/inherit' macro. (replacement package-replacement ; package | #f - (default #f) (thunked)) + (default #f) (thunked) (innate)) (synopsis package-synopsis) ; one-line description (description package-description) ; one or two paragraphs -- 2.13.2 ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: 01/01: gnu: glibc/linux: Add patches for CVE-2017-1000366. 2017-07-03 10:14 ` Ludovic Courtès @ 2017-07-03 21:54 ` Ludovic Courtès 2017-07-04 3:07 ` Mark H Weaver 0 siblings, 1 reply; 9+ messages in thread From: Ludovic Courtès @ 2017-07-03 21:54 UTC (permalink / raw) To: Mark H Weaver; +Cc: guix-devel ludo@gnu.org (Ludovic Courtès) skribis: > From 59c12882e6954b17750c617abddf4997a9bcbfa6 Mon Sep 17 00:00:00 2001 > From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org> > Date: Mon, 3 Jul 2017 12:07:23 +0200 > Subject: [PATCH] packages: Mark 'replacement' as an "innate" field. > > Suggested by Mark H Weaver > at <https://lists.gnu.org/archive/html/guix-devel/2017-06/msg00355.html>. > > * guix/packages.scm (<package>)[replacement]: Mark as "innate". > * gnu/packages/base.scm (glibc-2.25-patched, glibc-2.24) > (glibc-2.23, glibc-2.22, glibc-2.21, glibc-locales): Remove > 'replacement' field, which was set to #f. > * gnu/packages/commencement.scm (perl-boot0): Likewise. > * gnu/packages/fontutils.scm (graphite2/fixed): Likewise. > * gnu/packages/ghostscript.scm (ghostscript/fixed): Likewise. > * gnu/packages/gnupg.scm (libgcrypt-1.7.8): Likewise. > * gnu/packages/guile.scm (guile-2.0/fixed, guile-2.2): Likewise. > * gnu/packages/icu4c.scm (icu4c/fixed): Likewise. > * gnu/packages/image.scm (libpng-apng): Likewise. > * gnu/packages/make-bootstrap.scm (%guile-static): Likewise. > * gnu/packages/pcre.scm (pcre/fixed): Likewise. > * gnu/packages/perl.scm (perl/fixed): Likewise. > * gnu/packages/ruby.scm (ruby-2.3, ruby-2.2, ruby-2.1) > (ruby-1.8): Likewise. > * gnu/packages/tls.scm (gnutls-3.5.13, gnutls/guile-2.2): Likewise. > * gnu/packages/xml.scm (expat-2.2.1): Likewise. Pushed as d5ec5ed7197d121130af6953378bcfd8929a9754. Ludo’. ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: 01/01: gnu: glibc/linux: Add patches for CVE-2017-1000366. 2017-07-03 21:54 ` Ludovic Courtès @ 2017-07-04 3:07 ` Mark H Weaver 0 siblings, 0 replies; 9+ messages in thread From: Mark H Weaver @ 2017-07-04 3:07 UTC (permalink / raw) To: Ludovic Courtès; +Cc: guix-devel ludo@gnu.org (Ludovic Courtès) writes: > ludo@gnu.org (Ludovic Courtès) skribis: > >> From 59c12882e6954b17750c617abddf4997a9bcbfa6 Mon Sep 17 00:00:00 2001 >> From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org> >> Date: Mon, 3 Jul 2017 12:07:23 +0200 >> Subject: [PATCH] packages: Mark 'replacement' as an "innate" field. [...] > > Pushed as d5ec5ed7197d121130af6953378bcfd8929a9754. Looks good to me, thanks! Mark ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2017-07-04 3:07 UTC | newest] Thread overview: 9+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- [not found] <20170629200450.17825.10767@vcs0.savannah.gnu.org> [not found] ` <20170629200450.E946620FFF@vcs0.savannah.gnu.org> 2017-06-30 15:31 ` 01/01: gnu: glibc/linux: Add patches for CVE-2017-1000366 Mark H Weaver 2017-07-01 4:08 ` Mark H Weaver 2017-07-01 15:45 ` Ludovic Courtès 2017-07-01 15:59 ` Ludovic Courtès 2017-07-01 17:03 ` Mark H Weaver 2017-07-01 17:28 ` Mark H Weaver 2017-07-03 10:14 ` Ludovic Courtès 2017-07-03 21:54 ` Ludovic Courtès 2017-07-04 3:07 ` Mark H Weaver
Code repositories for project(s) associated with this public inbox https://git.savannah.gnu.org/cgit/guix.git This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).