[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-gnuzilla] Up-to-date IceCat source tarballs now available via G
|
From: |
Antonio Trande |
|
Subject: |
Re: [Bug-gnuzilla] Up-to-date IceCat source tarballs now available via GNU Guix |
|
Date: |
Mon, 24 Jun 2019 21:40:56 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.0 |
Hi Mark.
Where the source is hosted?
On 24/06/19 18:34, Mark H Weaver wrote:
> GNU Guix is now capable of producing up-to-date source tarballs for
> IceCat that should hopefully build on any system that IceCat supports.
>
> For example, GNU Guix has icecat-60.7.2-guix1, which includes fixes for
> CVE-2019-11707 and CVE-2019-11708, which are apparently quite serious
> flaws that are being actively exploited in the wild.
>
> The IceCat source tarballs produced by GNU Guix are almost identical to
> the official IceCat tarballs, except that the timestamps and file
> ordering in the tarball are canonicalized, and a few manifest files
> within the tarball are sorted differently.
>
> After installing Guix <https://gnu.org/s/guix>, the command to produce
> the IceCat tarball is:
>
> guix build --source icecat
>
> Mark
>
> --
> http://gnuzilla.gnu.org
>
--
---
Antonio Trande
Fedora Project
mailto 'sagitter at fedoraproject dot org'
GPG key: 0x6e0331dd1699e4d7
GPG key server: https://keys.fedoraproject.org/
signature.asc
Description: OpenPGP digital signature