bug#47576: [security] ibus-daemon launches ungrafted subprocesses

Hi, Mark H Weaver skribis: > I found them: > > ~/.cache/ibus/bus/registry > /var/lib/gdm/.cache/ibus/bus/registry > > On my system, those files include absolute pathnames to programs in > /gnu/store/a4r6q1fbfqapy5hrrxap1yg96rjgln6q-ibus-1.5.22, which I > compiled last December. Looks like <

bug#37955: warning: '.desktop' file refers to '', which cannot be found

The Exec paths in these files already refer to absolute paths, infact, /gnu/store paths Thus the regex: ("^Exec=([^/[:blank:]\r\n]*)(.*)$" _ binary rest) with binary = empty string and rest = everything after Exec= Why? The second subexpression [^/[:blank:]\r\n]* is bound to binary, but it mea

bug#47672: owncloud-client : "Could not read system exclude file"

Hello ! After setting up an account to a davs server, the synchronisation fails with messages : * On the GUI : "Could not read system exclude file" * In log file : 20210409_1235_owncloud.log.0.gz:04-09 12:35:55:294 [ info sync.configfile ]: Adding system ignore list to csync: "/home/fulbe

bug#37955: warning: '.desktop' file refers to '', which cannot be found

Thanks for the investigation. Would you like to send a patch? signature.asc Description: PGP signature

bug#37955: warning: '.desktop' file refers to '', which cannot be found

> On 04/09/2021 1:23 PM Pierre Neidhardt wrote: > > > Thanks for the investigation. Would you like to send a patch? I'm not sure what the right way to fix it is. I may have come up with a brilliant idea. Untested patch attached.From 64c200f3630de13ec3487cb5c756b47b133c6ecf Mon Sep 17 00:00:

bug#47667: rust-rav1e-0.4 fails to build

Hello, Leo Famulari writes: > I got it building with 29a6c361492b18bcb0f6d2517d010a1b48441521, adding > some inputs that the rav1e package also has. > > Maybe we should merge these packages? Unless I'm missing something rust-rav1e-0.4 is not supposed to be built, per its `skip-build' keyword. I

bug#45187: git download defaults to origin/master

Hi! Kyle Meyer skribis: > Subject: [PATCH] git: Update cached checkout to the remote HEAD by default. > > Fixes . > Reported by Ricardo Wurmus . > > update-cached-checkout hard codes "master" as the default branch, leading to a > failure when the clone doesn't have a

bug#32515: GNOME thumbnailing code execution vulnerabilities.

Leo Famulari (26 Feb 2019) wrote: > Since this bug was filed, Ghostscript has received more scrutiny and > serious bugs continue to be found. I assume you meant ‘fixed’. > [...] > Barring that, we should keep our package up to date ghostscript can be updated to 9.54 (https://ghostscript.com/dow

bug#47674: dnsmasq is vulnerable to CVE-2021-3448

CVE-2021-3448 A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random

bug#30790: Broken Qt 5 in my main profile - Qt DBus ?

Hi Danny, Danny Milosavljevic writes: > Hi, > > seems I broke Qt 5 in my main profile by updating some packages. > > I've got this situation: > > /gnu/store/gdcnj399zhkpa5kf2mnzgg9lfb3nnd0h-lyx-2.2.3$ gdb > share/lyx/bin/lyx2.2 > (gdb) r > Cannot mix incompatible Qt library (version 0x50903) wi

bug#46362: got unexpected path `Backtrace:' from substituter

Ludovic Courtès skribis: >>From d85353dd4bfaa57a7d5803dade91d806a169295a Mon Sep 17 00:00:00 2001 > From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= > Date: Tue, 6 Apr 2021 12:10:29 +0200 > Subject: [PATCH] daemon: 'guix substitute' replies on FD 4. > > This avoids the situation where error messages wou

bug#47675: quiterss segfaults

Hi Guix, $ guix --version > guix (GNU Guix) 29a6c361492b18bcb0f6d2517d010a1b48441521 > [...] $ guix environment --ad-hoc --pure coreutils which gdb quiterss -E "XAUTHORITY" -E "DISPLAY" -- quiterss > # (No output) $ guix environment --ad-hoc --pure coreutils which gdb quiterss -E "XAUTHORITY"

bug#37955: warning: '.desktop' file refers to '', which cannot be found

So if the path is already an absolute store path, then I suppose that the whole phase is superfluous, isn't it? Couldn't we just delete it? -- Pierre Neidhardt https://ambrevar.xyz/ signature.asc Description: PGP signature

bug#47667: rust-rav1e-0.4 fails to build

On Fri, Apr 09, 2021 at 03:18:33PM +0200, Nicolas Goaziou wrote: > Unless I'm missing something rust-rav1e-0.4 is not supposed to be built, > per its `skip-build' keyword. I'm surprised it chokes this way. Huh, I don't know... it started to fail after changes to the cargo-build-system.

bug#32515: GNOME thumbnailing code execution vulnerabilities.

On Fri, Apr 09, 2021 at 03:51:21PM +0200, Maxime Devos wrote: > Leo Famulari (26 Feb 2019) wrote: > > Since this bug was filed, Ghostscript has received more scrutiny and > > serious bugs continue to be found. > > I assume you meant ‘fixed’. I did not mean 'fixed'. As far as I know, no work was d

bug#47674: dnsmasq is vulnerable to CVE-2021-3448

On Fri, Apr 09, 2021 at 05:10:43PM +0200, Nicolò Balzarotti wrote: > CVE-2021-3448 > > A flaw was found in dnsmasq in versions before 2.85. When configured to > use a specific server for a given network interface, dnsmasq uses a > fixed port while forwarding queries. An attacker on the network, ab

bug#47674: dnsmasq is vulnerable to CVE-2021-3448

On Fri, Apr 09, 2021 at 05:10:43PM +0200, Nicolò Balzarotti wrote: > From a0932442c6c72d1e1a2a0f400f8afa487251189d Mon Sep 17 00:00:00 2001 > From: nixo > Date: Fri, 9 Apr 2021 16:19:03 +0200 > Subject: [PATCH] gnu: dnsmasq: Update to 2.85. > > * gnu/packages/dns.scm (dnsmasq): Update to 2.85. L

bug#47674: dnsmasq is vulnerable to CVE-2021-3448

On Fri, Apr 09, 2021 at 05:10:43PM +0200, Nicolò Balzarotti wrote: > All dependent packages (refresh -l) build fine except for > python2-libvirt@7.2.0, which is failing also on master > (libvirt-python requires Python >= 3.5 to build). Since it's a python2 > package and no other packages depends o

bug#47674: dnsmasq is vulnerable to CVE-2021-3448

Leo Famulari writes: > On Fri, Apr 09, 2021 at 05:10:43PM +0200, Nicolò Balzarotti wrote: >> All dependent packages (refresh -l) build fine except for >> python2-libvirt@7.2.0, which is failing also on master >> (libvirt-python requires Python >= 3.5 to build). Since it's a python2 >> package an

bug#47674: dnsmasq is vulnerable to CVE-2021-3448

On Fri, Apr 09, 2021 at 09:47:13PM +0200, Nicolò Balzarotti wrote: > Staging has an older version (5.8 vs 7.2, which has been released in > november 2019 [fn:1] though), and it got updated a few days ago > (28cc447fc5bd0a219ad54836a343826cc34d9bd7) if I'm not wrong, so it should > fail on staging t

bug#47660: Add link to the ticket when someone reply

This work or i search for it also work, But we are talking making things much easier and its possible through providing the link directly to the ticket in bottom, I believe this practice followed by all major ticketing systems,platforms,projects.. So i dont understand whats the big deal having

bug#47633: Provide direct download to .iso

> The reason is to save bandwidth. For the user or for the website? If its for the website i dont see 200MB (difference between .iso and .xz) is making a big deal different, And if the complain real about that in Megabytes then there shouldnt be a direct download to the image not .xz nor as .i

bug#47681: Reloading udev rules requires a system restart

Hello Guix! Using Guix System, after adding a new rule to the configuration of their udev-service-type service, the only ways to get the new rule into effect are to either: 1. restart udev (which is almost the same as a reboot, bringing down your graphical session) 2. restart the operating syst

bug#47634: Accompany .asc and .DIGESTS keys for the ISO

> Which implies that the signatures are sufficient, right? Well this is simple question but the answer is sorta deeper, So i will answer with yes and no: yes signatures are sufficient but signatures with PGP has problems, In the suggestion above i didnt suggest to diverse the signing methods

bug#37955: warning: '.desktop' file refers to '', which cannot be found

> On 04/09/2021 7:39 PM Pierre Neidhardt wrote: > > > So if the path is already an absolute store path, then I suppose that > the whole phase is superfluous, isn't it? > > Couldn't we just delete it? Do you mean delete the phase entirely or just from Racket? It's not always the case that t

bug#47632: Extracting guix.iso.xz with Xarchiver will give damaged .iso

Feel free to close this issue, I have tested this scenario again i cant reproduce. Leo Famulari: On Wed, Apr 07, 2021 at 05:27:49AM +, bo0od wrote: I have just tested to extract guix.iso.xz using Xarchiver and tried to install guix.iso on a vbox, The image wont be readable/identified for i

bug#45187: git download defaults to origin/master

Ludovic Courtès writes: > Kyle Meyer skribis: [...] >>git-checkout make-git-checkout >>git-checkout? >>(url git-checkout-url) >> - (branch git-checkout-branch (default "master")) >> + (branch git-checkout-branch (default #f)) >> + (symref git-checkout-symref (default "HEAD")

bug#45187: git download defaults to origin/master

Kyle Meyer writes: > @@ -356,6 +360,7 @@ (define* (update-cached-checkout url > > REF is pair whose key is [branch | commit | tag | tag-or-commit ] and value > the associated data: [ | | | ]. > +IF REF is the empty list, the remote HEAD is used. Sorry, here and ... > @@ -433,12 +439,13 @@