purpose of GnuTLS versions

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

purpose of GnuTLS versions

From:	Jack Hill
Subject:	purpose of GnuTLS versions
Date:	Thu, 26 Jan 2023 00:12:56 -0500 (EST)

Hi Guix,

We currently have two versions of GnuTLS packaged: 3.7.2 represented bythe `gnutls` variable and 3.7.7 represented by the `gnutls-latest`variable. `guix refresh -l` reports that changes to the 3.7.2 versionwould cause 14770 rebuilds, but only 30 rebuilds for the 3.7.7 version. Asfar as I can tell, neither version currently has a replacement (graft).

What is the purpose of these two versions? 3.7.7 is almost the currentrelease [0], but 3.7.2 is an older release in the same series. GnuTLS doeshave two release series [1], stable and next, that correspond to 3.6.x and3.7.x numbering schemes.

It seems to me that the `gnutls` variable should refer to the latest"stable" release, and the `gnutls-latest` variable to latest "next"release. Does that make sense? What am I missing?


It appears that 3.7.2 has some unpatched advisories [2].

[0] https://issues.guix.gnu.org/61064
[1] https://gitlab.com/gnutls/gnutls/-/blob/master/RELEASES.md
[2] https://gnutls.org/security-new.html

Best,
Jack

[Prev in Thread]

Current Thread

[Next in Thread]

purpose of GnuTLS versions, Jack Hill <=
- Re: purpose of GnuTLS versions, Simon Tournier, 2023/01/26
  - Re: purpose of GnuTLS versions, Jack Hill, 2023/01/30
    - Re: purpose of GnuTLS versions, Jack Hill, 2023/01/30
    - Re: purpose of GnuTLS versions, Ludovic Courtès, 2023/01/31
    - Re: purpose of GnuTLS versions, Jack Hill, 2023/01/31
- Re: purpose of GnuTLS versions, Ludovic Courtès, 2023/01/30

Prev by Date: Re: no (package definition) patch merged since Jan 2?
Next by Date: Re: Struggling to write Dissecting Guix, Part 2
Previous by thread: no (package definition) patch merged since Jan 2?
Next by thread: Re: purpose of GnuTLS versions
Index(es):
- Date
- Thread