guix-patches
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#26758: [PATCH] gnu: gnome-shell: Patch CVE-2017-8288.

From: Leo Famulari
Subject: bug#26758: [PATCH] gnu: gnome-shell: Patch CVE-2017-8288.
Date: Fri, 5 May 2017 16:19:09 -0400
User-agent: Mutt/1.8.2 (2017-04-18) 
On Thu, May 04, 2017 at 08:12:01AM -0500, rennes wrote:
> Hello Leo,
> 
> > Thanks! Do we need to graft it, or can we apply the patch directly to
> > gnome-shell? What would need to be rebuilt if we applied the patch
> > directly?

I applied it directly as cc3bc027ebbc924cc60fdcd8e7c8572bd0adf90c. If
that was a mistake, we can graft it in a followup commit.

> I did both tests: the first apply the patch directly, lasted more than
> twelve hours; the second to create the procedure gnome-shell/fixed and it
> did not take more than 10 minutes.

I guess that the first time, you built the fixed gnome-shell. That took
a long time (!!!) for some reason; maybe you had to build its entire
dependency graph from source, or maybe the machine was not powerful.

The next time, when you tried the graft, everything was already built,
so you saw a big speed-up.

> I read about the subject,
> https://www.gnu.org/software/guix/manual/html_node/Security-Updates.html
> 
> but I still do not understand the way to determine how much needs to be
> rebuilt!

As Ludo points out, you can use `guix refresh -l` for this. It's not
100% accurate, but it's pretty good in most cases.

Attachment: signature.asc
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]