[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IMPORTANT: glibc security update
From: |
Mark H Weaver |
Subject: |
Re: IMPORTANT: glibc security update |
Date: |
Sun, 21 Feb 2016 18:14:45 -0500 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.0.91 (gnu/linux) |
Mark H Weaver <address@hidden> writes:
> Leo Famulari <address@hidden> writes:
>
>> At least two users on #guix (including me) have found that `guix pull`
>> is not fetching the latest snapshot. That is, the downloaded snapshot
>> is of some commit before the CVE-2015-7547 patch was applied.
>>
>> Can you take a look?
>
> Indeed, you are right. The problem is that, by default, "guix pull"
> downloads the latest source from:
>
> http://git.savannah.gnu.org/cgit/guix.git/snapshot/master.tar.gz
>
> and unfortunately, something is currently broken on Savannah, and that
> snapshot is stuck on the commit before the glibc security update :-(
It appears that this problem is now fixed, so the workaround should no
longer be needed.
Mark