[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] gnu: ed: Replace with 1.14.1 [fixes security issues].
From: |
Ludovic Courtès |
Subject: |
Re: [PATCH] gnu: ed: Replace with 1.14.1 [fixes security issues]. |
Date: |
Sat, 14 Jan 2017 18:50:25 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) |
Mark H Weaver <address@hidden> skribis:
> address@hidden (Ludovic Courtès) writes:
>
>> Leo Famulari <address@hidden> skribis:
>>
>>> On Thu, Jan 12, 2017 at 10:56:51PM +0100, Marius Bakke wrote:
>>>> Leo Famulari <address@hidden> writes:
>>>>
>>>> > On Thu, Jan 12, 2017 at 09:13:53PM +0100, Marius Bakke wrote:
>>>> >> * gnu/packages/ed.scm (ed-1.14.1): New variable.
>>>> >> (ed)[replacement]: New field.
>>>> >
>>>> > Can you add a comment with a link to the bug report?
>>>> >
>>>> > https://lists.gnu.org/archive/html/bug-ed/2017-01/msg00000.html
>>>>
>>>> Good find. I wonder, was this issue only present in the unreleased
>>>> 1.14.0? I can't reproduce it with the current Guix version.
>>>
>>> Good catch; I can only reproduce it with 1.14, and the ed maintainer
>>> points out that it was introduced in 1.14.
>>>
>>>> I'll wait and see what the response on oss-sec is. Maybe we can just
>>>> push the update to core-updates.
>>>
>>> I think it's fine for core-updates.
>>
>> With 200 dependent packages, it could even go to ‘master’.
>
> "guix refresh -l" is _way_ off in this case. 'ed' is a native-input for
> 'patch', which is of course entails a full rebuild.
Oh indeed, sorry for the confusion!
>From the viewpoint of ‘guix refresh -l’, (@ (gnu packages ed) ed) is not
the same package/derivation as the one that ‘patch’ in (@ (gnu packages
commencement) %final-inputs) refers to.
So ‘guix refresh -l’ is not “wrong”, but clearly it fails to capture
something important here.
Ludo’.
- [PATCH] gnu: ed: Replace with 1.14.1 [fixes security issues]., Marius Bakke, 2017/01/12
- Re: [PATCH] gnu: ed: Replace with 1.14.1 [fixes security issues]., John Darrington, 2017/01/12
- Re: [PATCH] gnu: ed: Replace with 1.14.1 [fixes security issues]., Leo Famulari, 2017/01/12
- Re: [PATCH] gnu: ed: Replace with 1.14.1 [fixes security issues]., Marius Bakke, 2017/01/12
- Re: [PATCH] gnu: ed: Replace with 1.14.1 [fixes security issues]., Leo Famulari, 2017/01/12
- Re: [PATCH] gnu: ed: Replace with 1.14.1 [fixes security issues]., Marius Bakke, 2017/01/12
- Re: [PATCH] gnu: ed: Replace with 1.14.1 [fixes security issues]., Ludovic Courtès, 2017/01/13
- Re: [PATCH] gnu: ed: Replace with 1.14.1 [fixes security issues]., Marius Bakke, 2017/01/13
- Re: [PATCH] gnu: ed: Replace with 1.14.1 [fixes security issues]., Mark H Weaver, 2017/01/13
- Re: [PATCH] gnu: ed: Replace with 1.14.1 [fixes security issues].,
Ludovic Courtès <=