guix-patches
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#29406] [PATCH core-updates]: Add selected upstream fixes for glibc

From: Marius Bakke
Subject: [bug#29406] [PATCH core-updates]: Add selected upstream fixes for glibc 2.26.
Date: Tue, 28 Nov 2017 18:16:20 +0100
User-agent: Notmuch/0.25.2 (https://notmuchmail.org) Emacs/25.3.1 (x86_64-pc-linux-gnu) 
Ludovic Courtès <address@hidden> writes:

> Marius Bakke <address@hidden> skribis:
>
>> Ludovic Courtès <address@hidden> writes:
>>
>>> Hi,
>>>
>>> Marius Bakke <address@hidden> skribis:
>>>
>>>> From a5b022a355a0babdc4809f39f94b6662ea7789d1 Mon Sep 17 00:00:00 2001
>>>> From: Marius Bakke <address@hidden>
>>>> Date: Sat, 25 Nov 2017 19:17:28 +0100
>>>> Subject: [PATCH] gnu: glibc: Update to 2.26-91-gaaa2eb83b8.
>>>>
>>>> * gnu/packages/base.scm (glibc/linux): Update to 2.26-91-gaaa2eb83b8.
>>>> [source](uri): Download from alpha.gnu.org.
>>>> [source](patches): Remove glibc-CVE-2017-15670-15671.patch.
>>>> ---
>>>>  gnu/packages/base.scm | 17 ++++++++++++-----
>>>>  1 file changed, 12 insertions(+), 5 deletions(-)
>>>>
>>>> diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
>>>> index a6663c5cf..20d5fa72b 100644
>>>> --- a/gnu/packages/base.scm
>>>> +++ b/gnu/packages/base.scm
>>>> @@ -515,14 +515,22 @@ store.")
>>>>  (define-public glibc/linux
>>>>    (package
>>>>     (name "glibc")
>>>> -   (version "2.26")
>>>> +   ;; Glibc has stable branches that continuously pick fixes for each 
>>>> supported
>>>> +   ;; release.  Unfortunately they do not do point-releases, so we are 
>>>> stuck
>>>> +   ;; with copying almost all patches, or use a snapshot of the release 
>>>> branch.
>>>> +   ;;
>>>> +   ;; This version number corresponds to the output of `git describe` and 
>>>> the
>>>> +   ;; archive can be generated by checking out the commit ID and run:
>>>> +   ;; git archive --prefix=$(git describe)/ HEAD | xz -9 > $(git 
>>>> describe).tar.xz
>>>> +   ;; See <https://bugs.gnu.org/29406> for details.
>>>> +   (version "2.26-91-gaaa2eb83b8")
>>>>     (source (origin
>>>>              (method url-fetch)
>>>> -            (uri (string-append "mirror://gnu/glibc/glibc-"
>>>> -                                version ".tar.xz"))
>>>> +            (uri (string-append "https://alpha.gnu.org/gnu/guix/mirror/";
>>>> +                                "glibc-" version ".tar.xz"))
>>>>              (sha256
>>>>               (base32
>>>> -              "1ggnj1hzjym7sn93rbwydcqd562q73lsb7g7kd199g6j9j9hlkp5"))
>>>> +              "0867nxcv3n48iq3b5f1hca7cyx8pzjva67rxyslf9l595xd934kx"))
>>>
>>> I’ve built the tarball locally with the command above but the hash I get is:
>>>
>>>   1zwz6d0x3ndd0hgqp17fx71miyjvn4dgkl1nzhaz3mbcqxzrprhk
>>
>> Gah.  I used "xz --threads=0" initially and didn't expect it to change
>> the outcome.
>>
>> I can reproduce the above hash by running the same command:
>>
>> $ git archive --prefix=$(git describe)/ HEAD | xz -9 > $(git 
>> describe)-nothreads.tar.xz
>> $ guix hash glibc-2.26-91-gaaa2eb83b8-nothreads.tar.xz
>> 1zwz6d0x3ndd0hgqp17fx71miyjvn4dgkl1nzhaz3mbcqxzrprhk 
>>
>> Let's stick with the "nothreads" variant for compatibility.
>
> OK, it’s now available at
> <https://alpha.gnu.org/gnu/guix/mirror/glibc-2.26-91-gaaa2eb83b8.tar.xz>.
>
> Thank you!

Typical: The 2.26 branch just got 10 new commits that look important:

https://sourceware.org/git/?p=glibc.git;a=shortlog;h=refs/heads/release/2.26/master

Especially the malloc() fixes.  Should we pick them while we still have
time, or update the snapshot?

Attachment: signature.asc
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]