Hello,
Rick Huijzer skribis:
> I would like to (may I ?) suggest libusb v1.0.27 to be added to the list of
> packages for the new core-updates team.
Andy Tai skribis:
> Hi, shall changes to non-core packages like ffmpeg still be in the
> scope of core-updates?
>
> ffmpeg, for example, is no w
Hi,
Congratulations to everyone. Great job.
I would like to (may I ?) suggest libusb v1.0.27 to be added to the list of
packages for the new core-updates team.
I know that this might be a quite large effort (3000+ will be rebuilt) but
I'm happy to help testing and maybe bug fixing simple problem
Hi Kaelyn,
[...]
> Yes they can be. As a quick smoke test, prior to these patches
> landing, "vulkaninfo > /dev/null" would consistently print out vulkan
> loader errors about not being able to open
> libVkLayer_MESA_device_select.so. (I call it a smoke test because that
> layer not being found i
Hi,
--- Original Message ---
On Tuesday, May 9th, 2023 at 4:51 AM, John Kehayias
wrote:
>
> Hello,
>
> On Tue, Apr 25, 2023 at 04:40 PM, Kaelyn wrote:
>
> > Hi,
> >
> > --- Original Message ---
> > On Tuesday, April 25th, 2023 at 2:15 PM, Andreas Enge andr...@enge.fr wrote:
Hello,
On Tue, Apr 25, 2023 at 04:40 PM, Kaelyn wrote:
> Hi,
>
> --- Original Message ---
> On Tuesday, April 25th, 2023 at 2:15 PM, Andreas Enge wrote:
>
>> Hello Kaelyn,
>>
>> thanks for your research!
>
> You're welcome! :)
>
>> Am Wed, Apr 19, 2023 at 04:07:51PM + schrieb Kaelyn:
Hi,
--- Original Message ---
On Tuesday, April 25th, 2023 at 2:15 PM, Andreas Enge wrote:
>
>
> Hello Kaelyn,
>
> thanks for your research!
You're welcome! :)
> Am Wed, Apr 19, 2023 at 04:07:51PM + schrieb Kaelyn:
>
> > * https://issues.guix.gnu.org/62176 can be closed when co
Hello Kaelyn,
thanks for your research!
Am Wed, Apr 19, 2023 at 04:07:51PM + schrieb Kaelyn:
> * https://issues.guix.gnu.org/62176 can be closed when core-updates is
> merged, since core-updates contains mesa 22.2.4
> * Though not exactly mesa-related, https://issues.guix.gnu.org/61364 can
gt; You're welcome! :)
Yes, thanks Kaelyn, especially since I believe I said I wanted to help
these patches through for core-updates, before I had to step away for
a bit (all good now!).
>>
>> Am Wed, Apr 19, 2023 at 02:41:57PM + schrieb Kaelyn:
>>
>> Given how ma
--- Original Message ---
On Wednesday, April 19th, 2023 at 3:26 PM, Andreas Enge wrote:
>
>
> Hello,
>
> thanks for bringing this back to our attention!
You're welcome! :)
>
> Am Wed, Apr 19, 2023 at 02:41:57PM + schrieb Kaelyn:
>
> > While I know it is late in the process of
Hello,
thanks for bringing this back to our attention!
Am Wed, Apr 19, 2023 at 02:41:57PM + schrieb Kaelyn:
> While I know it is late in the process of preparing core-updates for merging
> into master, I wanted to ask if it would be possible to have the patch
> addressed prior to the merge?
Hi,
Some time back I mailed in https://issues.guix.gnu.org/59453 to fix an issue
with the manifests for the vulkan layers that ship with mesa. Basically the
error is that the manifests don't include the store path to the referenced
libraries, only the file name. An example the error can be seen
This patch fixes a number of failures in core-updates. I don't know
if there is a better way of doing it, or why it is suddenly necessary.
gnu: Add LDFLAGS=-lpthread to configure-flags where needed.
On 17-02-24 11:55:11, Leo Famulari wrote:
> On Fri, Feb 24, 2017 at 09:40:38AM +, ng0 wrote:
> > On 17-02-24 03:16:43, Leo Famulari wrote:
> > > This updates tcsh to the latest upstream version.
> >
> > some weeks ago I worked on this. Put a significant amount of time into
> > the update, wait
On Fri, Feb 24, 2017 at 09:40:38AM +, ng0 wrote:
> On 17-02-24 03:16:43, Leo Famulari wrote:
> > This updates tcsh to the latest upstream version.
>
> some weeks ago I worked on this. Put a significant amount of time into
> the update, waited for replies and asked upstream about the cdhome
> i
On 17-02-24 03:16:43, Leo Famulari wrote:
> This updates tcsh to the latest upstream version.
>
> Some of the previously disabled tests could be re-enabled after being
> adjusted upstream.
>
> The 'cdtohome' test is disabled since the Guix build user does not have
> a home directory.
Hi,
some w
This updates tcsh to the latest upstream version.
Some of the previously disabled tests could be re-enabled after being
adjusted upstream.
The 'cdtohome' test is disabled since the Guix build user does not have
a home directory.
And one upstream change is cherry-picked to handle a change in sed.
On Thu, Oct 13, 2016 at 10:19:56PM +0200, Ludovic Courtès wrote:
> Leo Famulari skribis:
> > But, I found that the regular approach to grafting does not work for our
> > dbus package. Presumably, it's because (gnu packages glib) exports dbus
> > before defining it.
>
> The #:export at the top sho
Leo Famulari skribis:
> On Mon, Oct 10, 2016 at 10:57:47PM +0200, Ludovic Courtès wrote:
>> Yeah, seems hard to exploit. Apparently even if we’re not using systemd
>> activations we could be vulnerable, because it’s about how specific
>> messages are processed, IIUC.
>>
>> > What do you think?
On Mon, Oct 10, 2016 at 10:57:47PM +0200, Ludovic Courtès wrote:
> Yeah, seems hard to exploit. Apparently even if we’re not using systemd
> activations we could be vulnerable, because it’s about how specific
> messages are processed, IIUC.
>
> > What do you think? Should we update this on core-u
Hello!
Leo Famulari skribis:
> There's a format string vulnerability (with unknown impact) in our dbus:
>
> http://seclists.org/oss-sec/2016/q4/85
>
> Please read that message and the linked bug report.
>
> My understanding of the upsream analysis of the format string
> vulnerability is that onl
John Darrington writes:
> On Mon, Oct 10, 2016 at 02:10:24PM -0400, Kei Kebreau wrote:
>
> Excuse my ignorance, but when is a patch considered significant enough
> to be updated on core-updates instead of master? Put another way, what
> is the purpose of core-updates?
>
> Cor
On Mon, Oct 10, 2016 at 02:10:24PM -0400, Kei Kebreau wrote:
Excuse my ignorance, but when is a patch considered significant enough
to be updated on core-updates instead of master? Put another way, what
is the purpose of core-updates?
Core updates is for those things near the
Leo Famulari writes:
> There's a format string vulnerability (with unknown impact) in our dbus:
>
> http://seclists.org/oss-sec/2016/q4/85
>
> Please read that message and the linked bug report.
>
> My understanding of the upsream analysis of the format string
> vulnerability is that only the bus
There's a format string vulnerability (with unknown impact) in our dbus:
http://seclists.org/oss-sec/2016/q4/85
Please read that message and the linked bug report.
My understanding of the upsream analysis of the format string
vulnerability is that only the bus owner can trigger it. So, if the
vu
-6702-and-CVE-2016-5300.patch,
> > gnu/packages/patches/expat-CVE-2015-1283-refix.patch,
> > gnu/packages/patches/expat-CVE-2016-0718.patch: Delete files.
> > * gnu/local.mk (dist_patch_DATA): Add and remove patches.
>
> OK for core-updates, thank you!
Pushed as b1a782b11aae2fa2bf8450c228638a0fd5cc9c83
iles.
> * gnu/local.mk (dist_patch_DATA): Add and remove patches.
OK for core-updates, thank you!
Ludo’.
This updates Expat to the latest release, 2.2.0, and applies the
upstream patch for a regression caused by the fix for CVE-2016-0718.
It's the same patch that I sent earlier in a patch for the master
branch.
From 69611d71dc4718040bc7bc55117bd2705bad4612 Mon Sep 17 00:00:00 2001
From: Leo Famulari
Leo Famulari skribis:
> On Sun, Jun 12, 2016 at 10:26:53PM +0200, Ludovic Courtès wrote:
[...]
>> Sorry, I explained myself poorly. Here, we (1) grafted Expat in master,
>> (2) upgraded Expat in core-updates, and (3) only after that did we merge
>> master in core-updates, making the merge more
On Sun, Jun 12, 2016 at 10:26:53PM +0200, Ludovic Courtès wrote:
> Leo Famulari skribis:
>
> > On Fri, Jun 10, 2016 at 02:59:49PM +0200, Ludovic Courtès wrote:
> >> Leo Famulari skribis:
> >> > The merge will probably be messy...
> >>
> >> We should leave it to you, to minimize breakage.
> >
>
Leo Famulari skribis:
> On Fri, Jun 10, 2016 at 02:59:49PM +0200, Ludovic Courtès wrote:
>> Leo Famulari skribis:
>> > The merge will probably be messy...
>>
>> We should leave it to you, to minimize breakage.
>
> Okay, should I do it today or is core-updates frozen?
It’s OK if you do it today
On Fri, Jun 10, 2016 at 02:59:49PM +0200, Ludovic Courtès wrote:
> Leo Famulari skribis:
> > The merge will probably be messy...
>
> We should leave it to you, to minimize breakage.
Okay, should I do it today or is core-updates frozen?
> > Off-topic: A regular package and a grafted package on m
Leo Famulari skribis:
> On Thu, Jun 09, 2016 at 12:43:17PM -0400, Leo Famulari wrote:
>> On Wed, Jun 08, 2016 at 01:10:16PM +0300, Efraim Flashner wrote:
>> > FWIW debian's expat-2.1.1(-3) still has the cve-2015-1283 applied.
>>
>> I looked at the expat Git repo and the original fix for CVE-2015
On Thu, Jun 09, 2016 at 12:43:17PM -0400, Leo Famulari wrote:
> On Wed, Jun 08, 2016 at 01:10:16PM +0300, Efraim Flashner wrote:
> > FWIW debian's expat-2.1.1(-3) still has the cve-2015-1283 applied.
>
> I looked at the expat Git repo and the original fix for CVE-2015-1283
> was part of 2.1.1. The
On Wed, Jun 08, 2016 at 01:10:16PM +0300, Efraim Flashner wrote:
> FWIW debian's expat-2.1.1(-3) still has the cve-2015-1283 applied.
I looked at the expat Git repo and the original fix for CVE-2015-1283
was part of 2.1.1. The improvement to the fix must be backported. I will
take the upstream com
On Wed, Jun 08, 2016 at 01:10:16PM +0300, Efraim Flashner wrote:
> On Tue, Jun 07, 2016 at 08:54:05PM -0400, Leo Famulari wrote:
> > gnu: expat: Fix CVE-2016-0718.
> > gnu: Remove unused patch.
> > gnu: libxslt: Update to 1.1.29.
>
> FWIW debian's expat-2.1.1(-3) still has the cve-2015-1283
Efraim Flashner skribis:
> FWIW debian's expat-2.1.1(-3) still has the cve-2015-1283 applied. Also,
> there's 2 new cves, cve-2012-6702 and cve-2016-5300
> https://www.debian.org/security/2016/dsa-3597
> https://sources.debian.net/src/expat/2.1.1-3/debian/patches/
Oh, good catch.
Ludo’.
On Wed, Jun 08, 2016 at 07:50:25AM -0400, Leo Famulari wrote:
> On Wed, Jun 08, 2016 at 01:10:16PM +0300, Efraim Flashner wrote:
> > On Tue, Jun 07, 2016 at 08:54:05PM -0400, Leo Famulari wrote:
> > > Leo Famulari (3):
> > > gnu: expat: Fix CVE-2016-0718.
> > > gnu: Remove unused patch.
> > >
On Wed, Jun 08, 2016 at 01:10:16PM +0300, Efraim Flashner wrote:
> On Tue, Jun 07, 2016 at 08:54:05PM -0400, Leo Famulari wrote:
> > Leo Famulari (3):
> > gnu: expat: Fix CVE-2016-0718.
> > gnu: Remove unused patch.
> > gnu: libxslt: Update to 1.1.29.
>
> FWIW debian's expat-2.1.1(-3) still
On Tue, Jun 07, 2016 at 08:54:05PM -0400, Leo Famulari wrote:
> It was not that simple to make these changes for core-updates, so I'm
> sending the patches for review.
>
> For expat, I "re-fix" a bug that was fixed on master already. This
> bug-fix is actually r
It was not that simple to make these changes for core-updates, so I'm
sending the patches for review.
For expat, I "re-fix" a bug that was fixed on master already. This
bug-fix is actually reachable from the HEAD of core-updates, but for
some reason doesn't exist at HEAD. Ac
Mark merged ‘core-updates’ yesterday (thanks!).
Please report any issues.
Ludo’.
It’s building now!
It may be that some of your favorite packages will fail to build with
4.9, so keep an eye on it.
Ludo’.
Hello!
I think we can soon get core-updates built entirely so we can merge it
afterwards.
Any objections?
Can someone confirm that everything is OK on armhf? (Mark tested a few
days ago, so I guess this should be OK.)
Thanks,
Ludo’.
The two patches look good to me, OK to apply.
Thanks,
Ludo’.
On Fri, Feb 27, 2015 at 01:27:08PM -0500, Mark H Weaver wrote:
> Mark H Weaver writes:
> > Here are two commits I'd like to push to core-updates.
> > Comments and suggestions welcome.
> I should mention that although I tried to be reasonably careful, I've
> not tested these changes beyond making s
Mark H Weaver writes:
> Here are two commits I'd like to push to core-updates.
> Comments and suggestions welcome.
I should mention that although I tried to be reasonably careful, I've
not tested these changes beyond making sure that the *.scm files compile
successfully, because it would obviousl
Here are two commits I'd like to push to core-updates.
Comments and suggestions welcome.
Mark
>From d30e55dcf10b4d090926763dc63725410f31aa9c Mon Sep 17 00:00:00 2001
From: Mark H Weaver
Date: Fri, 27 Feb 2015 11:53:06 -0500
Subject: [PATCH 1/2] gnu: Move autoconf-style phases after the unp
47 matches
Mail list logo
