From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Famulari Subject: Re: [PATCH] Update gd and php Date: Fri, 20 Jan 2017 00:53:19 -0500 Message-ID: <20170120055319.GA28011@jasmine> References: <20170119221919.7a74f45a@lepiller.eu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="3MwIy2ne0vdjdPXF" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:33794) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cUS8b-0008AH-H2 for guix-devel@gnu.org; Fri, 20 Jan 2017 00:53:26 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cUS8Y-00037t-2z for guix-devel@gnu.org; Fri, 20 Jan 2017 00:53:25 -0500 Received: from out1-smtp.messagingengine.com ([66.111.4.25]:52733) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cUS8X-00036z-Sv for guix-devel@gnu.org; Fri, 20 Jan 2017 00:53:22 -0500 Content-Disposition: inline In-Reply-To: <20170119221919.7a74f45a@lepiller.eu> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Julien Lepiller Cc: guix-devel@gnu.org --3MwIy2ne0vdjdPXF Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jan 19, 2017 at 10:19:19PM +0100, Julien Lepiller wrote: > A new version of gd and php were released today. Here are patches to > update them. I could get rid of gd-for-php and use the system one > instead. Two new tests had to be removed, they are related to already > failing tests. > From 502fa6202e8dabed3abdd584f720eb6128fdc127 Mon Sep 17 00:00:00 2001 > From: Julien Lepiller > Date: Thu, 19 Jan 2017 22:09:35 +0100 > Subject: [PATCH 1/2] gnu: gd: Update to 2.2.4. >=20 > * gnu/packages/gd.scm (gd): Update to 2.2.4. > --- > gnu/local.mk | 2 -- > gnu/packages/gd.scm | 8 ++---- > gnu/packages/patches/gd-CVE-2016-7568.patch | 44 -----------------------= ------ > gnu/packages/patches/gd-CVE-2016-8670.patch | 38 -----------------------= -- > 4 files changed, 3 insertions(+), 89 deletions(-) > delete mode 100644 gnu/packages/patches/gd-CVE-2016-7568.patch > delete mode 100644 gnu/packages/patches/gd-CVE-2016-8670.patch Thank you for this! Usually I prefer to give feedback and ask the submitter to revise their patch, but there were so many complicating factors that I just wrote my own: http://lists.gnu.org/archive/html/guix-devel/2017-01/msg01641.html Since the new release fixes security issues in a package that causes many rebuilds when changed, we need to use a graft. [0] I also noticed a gd-2.2.4 build failure on i686-linux. And I think that PHP's use of libgd should be updated in the same commit. Otherwise, after patch 1/2, PHP would require a gd-for-php with patches that would fail to apply, leaving PHP broken for that commit. [0] In case you haven't seen it, this is the "rebuilding" strategy: http://lists.gnu.org/archive/html/guix-devel/2016-10/msg00933.html --3MwIy2ne0vdjdPXF Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAliBpcsACgkQJkb6MLrK fwgQIA//XW7SBjgaL+IduzFjraYfxsFBgyzS6DX2FarGEE0I03TNpBpOUDxWQwKp O547J/EXQJnT5BRgorSkJMeXooPv13dlrBuuGS/cRjpCWa4OrhVlQ28maP7lcV1R PBhnmoNvMLqWbOVkK/fONWJud578ddNklKHN6wmCFu24RHMAkitk1fMgWR6apHix ADnHEAwaY52tXbmF/AalO5fhbScX8OvVK+frrXiBLLP56rc3JUILq+MRDtmP+2q8 WhAaxaeE0+UT75RpMBnICuGX2j+Tisilb93KMrOwc7v56hKh5RA4lMnOpaXWOsLF BPUne0mXguEZ3syRVZNSTNNaLzDoNuD7rfrxkJWPMCPXwHMylHjERIDQJhW4O0Gw +qlU2992Y6OCS+f61s5whKXdYgfdjvl4O6UZ0tvVN571JzEGJA1kkdlhYRL1WMhV FE+4tJiQfjO+lHyxqB1LwGGDwVIpFycNuPGBev+EdRSSSeNl+xVQUiHzJFPG5ztM NM+KgxsMfHQaJ/3LI5SHWqE60utE4NlvHtrFZFEjZbsO0XIQ9+XCEHVWgjc2BWKq AFwwBSwK4q1XO7t+S3j/okbXZ2Ev7oxyBjTpzX3mbP9ENtAEBcNMr6JAP6zvhGn5 +BI6yPdT1jWH89UqUYxkC8ZmfXE8cdMy0HGWWOmRQ/ky0rw+J30= =WIoo -----END PGP SIGNATURE----- --3MwIy2ne0vdjdPXF--