Re: guix environment --profile with --ad-hoc

Hi Pierre, > Instead, I'd like the following behaviour: > […] hm, I feel that’s unnecessarly complex with lots of if’s and else’s. If I could design the frontend from scratch, I’d have one command that does profile/environment manipulation (because they’re essentially the same) and one that can se

gnutls package may be vulnerable to CVE-2021-20232

CVE-2021-20232 12.03.21 20:15 A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences. It is not certain whether 3.6.x series are affected as packaged in GNU Guix. I asked the upstream at <

libupnp package vulnerable to CVE-2021-28302

CVE-2021-28302 12.03.21 16:15 A stack overflow in pupnp 1.16.1 can cause the denial of service through the Parser_parseDocument() function. ixmlNode_free() will release a child node recursively, which will consume stack space and lead to a crash. Upstream did not provide a patch yet, see < https:

regression: “guix pack” Docker images no longer work on AWS

Hi Guix, I’m using “guix pack”-generated Docker images on AWS ECS. On June 17, 2020 I generated and uploaded an image that works fine. According to AWS this image has this manifest type: application/vnd.docker.distribution.manifest.v2+json Today I generated a new image that does not work.

Re: CVEs missing from the NIST database

Hi Ludovic, Ludovic Courtès writes: > In this case, I noticed that ‘guix lint -c cve cairo’ wouldn’t report > CVE-2020-35492 and found that > is 404. > > Likewise, this command: > >wget -qO - > "https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve

Re: Release on April 18th?

Chris Marusich writes: > Subject: [PATCH] syscalls: mount: Fix a matching bug. In the patch message, "mount" should be "mounts". Sorry for the typo! -- Chris signature.asc Description: PGP signature

Re: Release on April 18th?

Hi, Vincent Legoll writes: > I rebuilt guix on core-updates with gcc-8 succesfully > I'll now try the same above wip-ppc64le. Awesome! Thank you for doing this. I'm sure there will be some bumps, and the sooner we can fix them, the easier it will be to integrate later. I'm still working on g

Re: CVEs missing from the NIST database

On Fri, Mar 12, 2021 at 04:31:59PM +0100, Ludovic Courtès wrote: > It could be that this CVE is still “pending” (I think that happens > sometimes). Do you know more about this one? I found some references from other distros: https://access.redhat.com/security/cve/cve-2020-35492 https://security-

Re: guix environment --profile with --ad-hoc

Hi again, There is possibly a design flaw that prevents it from being completely super useful :) It'd be great if the command would be more "do-what-I-mean" when both package options and --profile are passed. Currently, I get --8<---cut here---start->8--- $ g

CVEs missing from the NIST database

Hi Mark, guix-comm...@gnu.org skribis: > commit bc16eacc99e801ac30cbe2aa649a2be3ca5c102a > Author: Mark H Weaver > AuthorDate: Fri Mar 12 05:24:36 2021 -0500 > > gnu: cairo: Fix CVE-2018-19876 and CVE-2020-35492. > > * gnu/packages/patches/cairo-CVE-2018-19876.patch, > gnu/packa

Release 1.2.1: timeline

Hi, The plan is to release on the April, 18th. It is a target date. This 1.2.1 release will mainly contain bunch of bug fixes and package updates. More, remove of Python 2 when possible. Releasing is a good occasion to take the time to ungraft and test the installers. Ungrafting should break

Re: Release on April 18th?

On Fri, Mar 12, 2021 at 12:33:18AM -0800, Chris Marusich wrote: > Hi Efraim and Ludo, > > Efraim Flashner writes: > > > My plan was absolutely to merge master into core-updates after and then > > integrate all the changes into their affected packages. I'd also make > > sure to bump gcc to 8 (ass

Guile-zlib 0.1.0 released

Hi! I’m pleased to announce the second release of Guile-zlib: git clone https://notabug.org/guile-zlib/guile-zlib cd guile-zlib git checkout v0.1.0 # or 429b3c65ee8946d7ced2353efb8710047fd29c57 git tag -v v0.1.0 The ‘git tag -v’ command checks the authenticity of your checkout. You may

Re: guix environment --profile with --ad-hoc

Pierre Neidhardt writes: > It seems to be some thing more than just Guix commands being slow. > On my machine > > > --8<---cut here---start->8--- > $ time guix environment --help >/dev/null > > real 0m0.345s > --8<---cut here---end---

Re: guix environment --profile with --ad-hoc

Lars-Dominik Braun writes: >> My only complaint is that it's still a bit slow: >> Is there anything we can do to speed this up? > yeah, true. I’m think it’s still computing and building derivations, for > example using manifest->derivation for `prof-drv` and then again > built-derivations for `pr

Re: guix environment --profile with --ad-hoc

Hi Pierre, > My only complaint is that it's still a bit slow: > Is there anything we can do to speed this up? yeah, true. I’m think it’s still computing and building derivations, for example using manifest->derivation for `prof-drv` and then again built-derivations for `prof-drv`. Maybe if we make

Re: Release on April 18th?

Hello, Am Fri, Mar 12, 2021 at 12:33:18AM -0800 schrieb Chris Marusich: > The proc man page has this to say about column 7: > (7) optional fields: zero or more fields of the form "tag[:value]" And it goes on like this: (8) separator: the end of the optional fields is marked

Re: guix environment --profile with --ad-hoc

Hi Pierre, On Thu, 11 Mar 2021 at 21:04, Pierre Neidhardt wrote: > My only complaint is that it's still a bit slow: > > --8<---cut here---start->8--- > time guix environment -C --profile=/my/profile -- exit > > real 0m2.372s > --8<---cut here-

Re: Release on April 18th?

Hi Efraim and Ludo, Efraim Flashner writes: > My plan was absolutely to merge master into core-updates after and then > integrate all the changes into their affected packages. I'd also make > sure to bump gcc to 8 (assuming we don't go straight to 9). Sounds good. If we can get powerpc64le-lin

Re: Release on April 18th?

Hello, I rebuilt guix on core-updates with gcc-8 succesfully I'll now try the same above wip-ppc64le. -- Vincent Legoll