Re: Update on distro bootstrapping with Guix

[Marc Lehmann]

On Thu, Oct 11, 2012 at 05:34:11PM +0200, Ludovic Courtès <address@hidden> 
wrote:
> Perhaps you were asking about previously installed packages linked
> against a vulnerable libc, for example?  Again, those packages remain
> vulnerable, until you upgrade to the new version, that links against the
> fixed libc.
> 
> (Similarly, in Debian, packages remain vulnerable until you run “apt-get
> upgrade”.)

Unless packages were statically linked to the libc (something debian
doesn't do) or the security issue is purely in a header file (not likely
with libc), then apt-get upgrade is not required to fix security issues
in the libc - installing a fixed libc version is enough, as glibc/eglibc
support backwards compatibility.

It is to restart running processes to pick up the new libc.

In practise, apt-get upgrade is never required for this kind of security
fix.

-- 
                The choice of a       Deliantra, the free code+content MORPG
      -----==-     _GNU_              http://www.deliantra.net
      ----==-- _       generation
      ---==---(_)__  __ ____  __      Marc Lehmann
      --==---/ / _ \/ // /\ \/ /      address@hidden
      -=====/_/_//_/\_,_/ /_/\_\