Re: GNOME 3.34 in GNU Guix and security

From: Jonathan Brielmaier
Subject: Re: GNOME 3.34 in GNU Guix and security
Date: Thu, 11 Mar 2021 09:24:21 +0100

On 11.03.21 at 09:08, Ricardo Wurmus wrote:

Léo Le Bouter writes:

I must come to the conclusion that using GNOME 3.34 in GNU Guix right
now is just straight out insecure. I would advise we either get rid of
GNOME, backport all individual security patches (they can be
numerous..), or upgrade GNOME to latest and keep up over time.

I don't think we can afford to spend time backporting security fixes to
the numerous GNOME packages with CVEs, not with current resources, it
is time-consuming.

No, GNOME should be upgraded.  I upgraded it twice in the past, and it’s
a lot of work, but certainly not impossible.

I don’t know if anyone is working on it right now, though.  I was told
months ago that Raghav Gururajan was working on GNOME upgrades as part
of the wip-desktop branch, but my occasional questions for a status
upgrade have gone unanswered.  Raghav, please correct me if I’m
mistaken.  It would be good to clarify what is and isn’t the scope of

I tried rebasing wip-gnome3.36 to master. I'm not done yet... But I
think it's easier than merging the wip-desktop branch, because that one
is huge and a bit dirty...

