From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:40202) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eJjVN-0001bL-36 for guix-patches@gnu.org; Tue, 28 Nov 2017 12:17:10 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eJjVH-0006Y1-AH for guix-patches@gnu.org; Tue, 28 Nov 2017 12:17:09 -0500 Received: from debbugs.gnu.org ([208.118.235.43]:54484) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1eJjVH-0006Xq-6G for guix-patches@gnu.org; Tue, 28 Nov 2017 12:17:03 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1eJjVG-0003sc-In for guix-patches@gnu.org; Tue, 28 Nov 2017 12:17:02 -0500 Subject: [bug#29406] [PATCH core-updates]: Add selected upstream fixes for glibc 2.26. Resent-Message-ID: From: Marius Bakke In-Reply-To: <87r2sixueu.fsf@gnu.org> References: <87mv3eove6.fsf@fastmail.com> <20171123145702.GA5794@jasmine.lan> <20171127213004.GA22910@jasmine.lan> <87bmjnyyaa.fsf@fastmail.com> <871ski3cmj.fsf@gnu.org> <878teqzhpa.fsf@fastmail.com> <87r2sixueu.fsf@gnu.org> Date: Tue, 28 Nov 2017 18:16:20 +0100 Message-ID: <87609uz5ln.fsf@fastmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: Ludovic =?UTF-8?Q?Court=C3=A8s?= Cc: 29406-done@debbugs.gnu.org --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Ludovic Court=C3=A8s writes: > Marius Bakke skribis: > >> Ludovic Court=C3=A8s writes: >> >>> Hi, >>> >>> Marius Bakke skribis: >>> >>>> From a5b022a355a0babdc4809f39f94b6662ea7789d1 Mon Sep 17 00:00:00 2001 >>>> From: Marius Bakke >>>> Date: Sat, 25 Nov 2017 19:17:28 +0100 >>>> Subject: [PATCH] gnu: glibc: Update to 2.26-91-gaaa2eb83b8. >>>> >>>> * gnu/packages/base.scm (glibc/linux): Update to 2.26-91-gaaa2eb83b8. >>>> [source](uri): Download from alpha.gnu.org. >>>> [source](patches): Remove glibc-CVE-2017-15670-15671.patch. >>>> --- >>>> gnu/packages/base.scm | 17 ++++++++++++----- >>>> 1 file changed, 12 insertions(+), 5 deletions(-) >>>> >>>> diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm >>>> index a6663c5cf..20d5fa72b 100644 >>>> --- a/gnu/packages/base.scm >>>> +++ b/gnu/packages/base.scm >>>> @@ -515,14 +515,22 @@ store.") >>>> (define-public glibc/linux >>>> (package >>>> (name "glibc") >>>> - (version "2.26") >>>> + ;; Glibc has stable branches that continuously pick fixes for each= supported >>>> + ;; release. Unfortunately they do not do point-releases, so we ar= e stuck >>>> + ;; with copying almost all patches, or use a snapshot of the relea= se branch. >>>> + ;; >>>> + ;; This version number corresponds to the output of `git describe`= and the >>>> + ;; archive can be generated by checking out the commit ID and run: >>>> + ;; git archive --prefix=3D$(git describe)/ HEAD | xz -9 > $(git de= scribe).tar.xz >>>> + ;; See for details. >>>> + (version "2.26-91-gaaa2eb83b8") >>>> (source (origin >>>> (method url-fetch) >>>> - (uri (string-append "mirror://gnu/glibc/glibc-" >>>> - version ".tar.xz")) >>>> + (uri (string-append "https://alpha.gnu.org/gnu/guix/mirro= r/" >>>> + "glibc-" version ".tar.xz")) >>>> (sha256 >>>> (base32 >>>> - "1ggnj1hzjym7sn93rbwydcqd562q73lsb7g7kd199g6j9j9hlkp5")) >>>> + "0867nxcv3n48iq3b5f1hca7cyx8pzjva67rxyslf9l595xd934kx")) >>> >>> I=E2=80=99ve built the tarball locally with the command above but the h= ash I get is: >>> >>> 1zwz6d0x3ndd0hgqp17fx71miyjvn4dgkl1nzhaz3mbcqxzrprhk >> >> Gah. I used "xz --threads=3D0" initially and didn't expect it to change >> the outcome. >> >> I can reproduce the above hash by running the same command: >> >> $ git archive --prefix=3D$(git describe)/ HEAD | xz -9 > $(git describe)= -nothreads.tar.xz >> $ guix hash glibc-2.26-91-gaaa2eb83b8-nothreads.tar.xz >> 1zwz6d0x3ndd0hgqp17fx71miyjvn4dgkl1nzhaz3mbcqxzrprhk=20 >> >> Let's stick with the "nothreads" variant for compatibility. > > OK, it=E2=80=99s now available at > . > > Thank you! Typical: The 2.26 branch just got 10 new commits that look important: https://sourceware.org/git/?p=3Dglibc.git;a=3Dshortlog;h=3Drefs/heads/relea= se/2.26/master Especially the malloc() fixes. Should we pick them while we still have time, or update the snapshot? --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAlodmeQACgkQoqBt8qM6 VPqqHQgArflQV0liJbaTb9Q9UJ6Rg7Y4hbih06yJPD6R40aLZ33/cc91WvkKINYB OfY1vZGUeFYndn4E8ePtTTjOETkKaBWowKPuklyD+M6yPafuU3mZYA98gZhtMjYE qFgXBf3cO22qbrOKT+66L5YC/3HrOsx5v8GBPtrzG6ciIN9+yFFRMe/Rmi0kXXXA 0+wokogip6TZLkOqmCYSv9+SDm33OyDzyoGPtpu5sfCm0O12B/H+DDYGjKX0sn21 pwmjdkoanLsFGzy+l48KA8IkVCSpdenxCkXYAIChCv1QkEuR7Z8fouLU/hTHjLoR MZvGcM/TgtFBIIeMABMkuHkfWf0twg== =LeQ/ -----END PGP SIGNATURE----- --=-=-=--