guix-patches
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#29406] [PATCH core-updates]: Add selected upstream fixes for glibc

From: Marius Bakke
Subject: [bug#29406] [PATCH core-updates]: Add selected upstream fixes for glibc 2.26.
Date: Tue, 28 Nov 2017 13:54:57 +0100
User-agent: Notmuch/0.25.2 (https://notmuchmail.org) Emacs/25.3.1 (x86_64-pc-linux-gnu) 
Ludovic Courtès <address@hidden> writes:

> Hi,
>
> Marius Bakke <address@hidden> skribis:
>
>> From a5b022a355a0babdc4809f39f94b6662ea7789d1 Mon Sep 17 00:00:00 2001
>> From: Marius Bakke <address@hidden>
>> Date: Sat, 25 Nov 2017 19:17:28 +0100
>> Subject: [PATCH] gnu: glibc: Update to 2.26-91-gaaa2eb83b8.
>>
>> * gnu/packages/base.scm (glibc/linux): Update to 2.26-91-gaaa2eb83b8.
>> [source](uri): Download from alpha.gnu.org.
>> [source](patches): Remove glibc-CVE-2017-15670-15671.patch.
>> ---
>>  gnu/packages/base.scm | 17 ++++++++++++-----
>>  1 file changed, 12 insertions(+), 5 deletions(-)
>>
>> diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
>> index a6663c5cf..20d5fa72b 100644
>> --- a/gnu/packages/base.scm
>> +++ b/gnu/packages/base.scm
>> @@ -515,14 +515,22 @@ store.")
>>  (define-public glibc/linux
>>    (package
>>     (name "glibc")
>> -   (version "2.26")
>> +   ;; Glibc has stable branches that continuously pick fixes for each 
>> supported
>> +   ;; release.  Unfortunately they do not do point-releases, so we are stuck
>> +   ;; with copying almost all patches, or use a snapshot of the release 
>> branch.
>> +   ;;
>> +   ;; This version number corresponds to the output of `git describe` and 
>> the
>> +   ;; archive can be generated by checking out the commit ID and run:
>> +   ;; git archive --prefix=$(git describe)/ HEAD | xz -9 > $(git 
>> describe).tar.xz
>> +   ;; See <https://bugs.gnu.org/29406> for details.
>> +   (version "2.26-91-gaaa2eb83b8")
>>     (source (origin
>>              (method url-fetch)
>> -            (uri (string-append "mirror://gnu/glibc/glibc-"
>> -                                version ".tar.xz"))
>> +            (uri (string-append "https://alpha.gnu.org/gnu/guix/mirror/";
>> +                                "glibc-" version ".tar.xz"))
>>              (sha256
>>               (base32
>> -              "1ggnj1hzjym7sn93rbwydcqd562q73lsb7g7kd199g6j9j9hlkp5"))
>> +              "0867nxcv3n48iq3b5f1hca7cyx8pzjva67rxyslf9l595xd934kx"))
>
> I’ve built the tarball locally with the command above but the hash I get is:
>
>   1zwz6d0x3ndd0hgqp17fx71miyjvn4dgkl1nzhaz3mbcqxzrprhk

Gah.  I used "xz --threads=0" initially and didn't expect it to change
the outcome.

I can reproduce the above hash by running the same command:

$ git archive --prefix=$(git describe)/ HEAD | xz -9 > $(git 
describe)-nothreads.tar.xz
$ guix hash glibc-2.26-91-gaaa2eb83b8-nothreads.tar.xz
1zwz6d0x3ndd0hgqp17fx71miyjvn4dgkl1nzhaz3mbcqxzrprhk 

Let's stick with the "nothreads" variant for compatibility.

Attachment: signature.asc
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]