[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
purpose of GnuTLS versions
From: |
Jack Hill |
Subject: |
purpose of GnuTLS versions |
Date: |
Thu, 26 Jan 2023 00:12:56 -0500 (EST) |
Hi Guix,
We currently have two versions of GnuTLS packaged: 3.7.2 represented by
the `gnutls` variable and 3.7.7 represented by the `gnutls-latest`
variable. `guix refresh -l` reports that changes to the 3.7.2 version
would cause 14770 rebuilds, but only 30 rebuilds for the 3.7.7 version. As
far as I can tell, neither version currently has a replacement (graft).
What is the purpose of these two versions? 3.7.7 is almost the current
release [0], but 3.7.2 is an older release in the same series. GnuTLS does
have two release series [1], stable and next, that correspond to 3.6.x and
3.7.x numbering schemes.
It seems to me that the `gnutls` variable should refer to the latest
"stable" release, and the `gnutls-latest` variable to latest "next"
release. Does that make sense? What am I missing?
It appears that 3.7.2 has some unpatched advisories [2].
[0] https://issues.guix.gnu.org/61064
[1] https://gitlab.com/gnutls/gnutls/-/blob/master/RELEASES.md
[2] https://gnutls.org/security-new.html
Best,
Jack
- purpose of GnuTLS versions,
Jack Hill <=
Re: purpose of GnuTLS versions, Ludovic Courtès, 2023/01/30