From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id va5xIEGr7mML6gAAbAwnHQ (envelope-from ) for ; Thu, 16 Feb 2023 23:16:33 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id MJ7RHkGr7mMTrAAAG6o9tA (envelope-from ) for ; Thu, 16 Feb 2023 23:16:33 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 523C62D4E7 for ; Thu, 16 Feb 2023 23:16:33 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pSmXs-0005Bb-Bv; Thu, 16 Feb 2023 17:16:04 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pSmXq-0005BM-Aq for bug-guix@gnu.org; Thu, 16 Feb 2023 17:16:02 -0500 Received: from debbugs.gnu.org ([209.51.188.43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1pSmXq-0002iJ-3B for bug-guix@gnu.org; Thu, 16 Feb 2023 17:16:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1pSmXp-0001c9-Mu for bug-guix@gnu.org; Thu, 16 Feb 2023 17:16:01 -0500 X-Loop: help-debbugs@gnu.org Subject: bug#32026: [PATCH 10/10] gnu: icecat: Unbundle nss and nspr. Resent-From: Mark H Weaver Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Thu, 16 Feb 2023 22:16:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 32026 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Maxim Cournoyer , 32026@debbugs.gnu.org Cc: ludo@gnu.org, Jonathan Brielmaier , Maxim Cournoyer Received: via spool by 32026-submit@debbugs.gnu.org id=B32026.16765857326162 (code B ref 32026); Thu, 16 Feb 2023 22:16:01 +0000 Received: (at 32026) by debbugs.gnu.org; 16 Feb 2023 22:15:32 +0000 Received: from localhost ([127.0.0.1]:37847 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pSmXM-0001bK-5a for submit@debbugs.gnu.org; Thu, 16 Feb 2023 17:15:32 -0500 Received: from world.peace.net ([64.112.178.59]:37732) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pSmXK-0001b3-Tl for 32026@debbugs.gnu.org; Thu, 16 Feb 2023 17:15:31 -0500 Received: from mhw by world.peace.net with esmtpsa (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1pSmXE-0001VQ-35; Thu, 16 Feb 2023 17:15:24 -0500 From: Mark H Weaver In-Reply-To: <20230216043649.32119-10-maxim.cournoyer@gmail.com> References: <20230216043649.32119-1-maxim.cournoyer@gmail.com> <20230216043649.32119-10-maxim.cournoyer@gmail.com> Date: Thu, 16 Feb 2023 17:14:33 -0500 Message-ID: <87k00hfeaj.fsf@netris.org> MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: bug-guix-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Seal: i=1; s=key1; d=yhetil.org; t=1676585793; a=rsa-sha256; cv=none; b=gTD6gLeG6ZJu6oGr4XbERjxE3XnPGcYgPzznoHZnS8bqICmu4RsJ4DNc6LI4snek8zH2O/ 7JQxI8FtDXv8/qN6my/8PmTMCFmf+OmG0DYQV/fotJmTDdrA/jChMPkB79AxqfBxWtPz2g eStO3w7zsvsHW5/3Mycn7w/uZKPuVLFdwr6o1UXiPjzLIVFkjSrE3z6S1t+XOdmj/6n/OW sY/WcfD5rROJSnAh8R5OCWTtw7mtyHnZfT9TGIuOVUgxlNs9pkl8DbFgELjCK2FBux1ozz MfVOoCPYls9YG55KNdb2lOU9fTUp/Ms6NrTMEY0P3QQlgPDE4hl3BXte3fjdTQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1676585793; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:in-reply-to:in-reply-to:references:references: list-id:list-help:list-unsubscribe:list-subscribe:list-post; bh=NjL3I1jzJa09CERpHo1fDuttAI8NGo2onp7uDky9MP4=; b=IrKU+tnm0F3IxCT3HVTk+w+7IG52AI5rd8GuoPYf6cBo8h1etYWsyE26orUP+VU4rNDULa qZx9Staj+E7n0XZWXlC7RvizVSfNnhJy3XNPljATbQ7CSwpQIUmENFJmTfjQ3WIfchoDV/ ErVxZ30QpekBbhyyq2F9K0KQA5ZOY7DOzKo9UNQb3NsWAQ7lVHwdLXp6RZ7lQ4hRhrWdY+ 9U8W0HIPZCknn7lHxVihjEVjpYsjmwoTOgeSIP6LLcdFonnmVWdHimZfWtVmN3umaLXycd BiW+wVse524u4GJ44D0UfuFT+tq5ohV/nmpr9x5cJBFlSkzhvsXWuEWDAhwZqw== Authentication-Results: aspmx1.migadu.com; dkim=none; spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"; dmarc=none X-Migadu-Spam-Score: 1.18 X-Spam-Score: 1.18 X-Migadu-Queue-Id: 523C62D4E7 X-Migadu-Scanner: scn1.migadu.com X-TUID: X4I4uk+tlOD1 Hi Maxim, Maxim Cournoyer writes: > * gnu/packages/gnuzilla.scm (icecat-minimal) [inputs]: Add nspr-next and > nss-next. > [configure-flags]: Re-instate the "--with-system-nspr" and "--with-system-nss" > configure flags. > [phases] {remove-bundled-libraries}: Update comment. This is really great, thank you! There's just one transient issue that makes me want to hold off on this: As I recently reported to guix-security, a Mozilla security advisory published on Tuesday mentions "CVE-2023-0767: Arbitrary memory write via PKCS 12 in NSS". I'd like someone to confirm that this issue has been fixed in 'nss-next' before applying this commit. I don't have time to check it myself right now. Thanks, Mark