[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#27429: core-updates and shishi [was Re: bug#27429: Stack clash (CVE-
From: |
Ludovic Courtès |
Subject: |
bug#27429: core-updates and shishi [was Re: bug#27429: Stack clash (CVE-2017-1000366 etc)] |
Date: |
Fri, 30 Jun 2017 00:27:57 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux) |
Leo Famulari <address@hidden> skribis:
> On Thu, Jun 29, 2017 at 10:06:08PM +0200, Ludovic Courtès wrote:
>> Leo, let me know when you feel that we should start a new evaluation.
>
> First I want to ungraft today's libgcrypt and poppler replacements.
>
> I also want to apply the attached patch so we can stop using
> libgcrypt-1.5 with Shishi, and instead use the latest libgcrypt. This
> patch does require us to re-bootstrap Shishi, but I think it's worth it
> if it means we can drop the older libgcrypt package. Does anyone have
> feedback on this patch?
It’s a good idea.
> I'll do some local testing of this change in the next few hours and then
> start the evaluation.
>
> From 83fcaa7aac05f499a985ec02db55458e2d719de3 Mon Sep 17 00:00:00 2001
> From: Leo Famulari <address@hidden>
> Date: Thu, 29 Jun 2017 04:11:18 -0400
> Subject: [PATCH] gnu: shishi: Build with latest libgcrypt.
>
> * gnu/packages/patches/shishi-fix-libgcrypt-detection.patch: New file.
> * gnu/local.mk (dist_patch_DATA): Add it.
> * gnu/packages/kerberos.scm (shishi)[source]: Use it.
> [inputs]: Replace libgcrypt-1.5 with libgcrypt.
> [native-inputs]: Add bootstrapping inputs.
> [arguments]: Add a 'bootstrap' phase.
> * gnu/packages/gnupg.scm (libgcrypt-1.5): Remove variable.
[...]
> (method url-fetch)
> (uri (string-append "mirror://gnu/shishi/shishi-"
> version ".tar.gz"))
> + (patches (search-patches "shishi-fix-libgcrypt-detection.patch"))
> (sha256
> (base32
> "032qf72cpjdfffq1yq54gz3ahgqf2ijca4vl31sfabmjzq9q370d"))))
> (build-system gnu-build-system)
> - (native-inputs `(("pkg-config" ,pkg-config)))
> + (arguments
> + `(#:phases
> + (modify-phases %standard-phases
> + (add-before 'configure 'bootstrap
> + (lambda _ (zero? (system* "autoreconf" "-vfi")))))))
> + (native-inputs `(("pkg-config" ,pkg-config)
> + ;; XXX For bootstrapping. Remove for the next Shishi
> + ;; release after 1.0.2.
> + ("autoconf" ,autoconf)
> + ("automake" ,automake)
> + ("gettext" ,gnu-gettext)
> + ("libtool" ,libtool)
> + ("texinfo" ,texinfo)))
I think you can achieve the same result but without adding these
dependencies etc. just by adding:
#:configure-flags '("ac_cv_libgcrypt=yes")
which I think is marginally better (but no big deal).
Thanks,
Ludo’.
- bug#27429: Stack clash (CVE-2017-1000366 etc), (continued)
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/21
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/21
- bug#27429: Stack clash (CVE-2017-1000366 etc), Mark H Weaver, 2017/06/22
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/22
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/22
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/22
- bug#27429: Stack clash (CVE-2017-1000366 etc), Ludovic Courtès, 2017/06/29
- bug#27429: Stack clash (CVE-2017-1000366 etc), Mark H Weaver, 2017/06/29
- bug#27429: Stack clash (CVE-2017-1000366 etc), Ludovic Courtès, 2017/06/29
- bug#27429: core-updates and shishi [was Re: bug#27429: Stack clash (CVE-2017-1000366 etc)], Leo Famulari, 2017/06/29
- bug#27429: core-updates and shishi [was Re: bug#27429: Stack clash (CVE-2017-1000366 etc)],
Ludovic Courtès <=
- bug#27429: core-updates and shishi [was Re: bug#27429: Stack clash (CVE-2017-1000366 etc)], Leo Famulari, 2017/06/30
- bug#27429: core-updates and shishi [was Re: bug#27429: Stack clash (CVE-2017-1000366 etc)], Ludovic Courtès, 2017/06/30
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/23
- bug#27429: Stack clash (CVE-2017-1000366 etc), Mark H Weaver, 2017/06/23
- bug#27429: Stack clash (CVE-2017-1000366 etc), Leo Famulari, 2017/06/23
- bug#27429: Stack clash (CVE-2017-1000366 etc), Mark H Weaver, 2017/06/23
- bug#27429: Stack clash (CVE-2017-1000366 etc), Mark H Weaver, 2017/06/24
- bug#27429: Stack clash (CVE-2017-1000366 etc), Ludovic Courtès, 2017/06/26
- bug#27429: Stack clash (CVE-2017-1000366 etc), Mark H Weaver, 2017/06/26
- bug#27429: Stack clash (CVE-2017-1000366 etc), Ludovic Courtès, 2017/06/27