bug-guix
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#27429: core-updates and shishi [was Re: bug#27429: Stack clash (CVE-

From: Leo Famulari
Subject: bug#27429: core-updates and shishi [was Re: bug#27429: Stack clash (CVE-2017-1000366 etc)]
Date: Fri, 30 Jun 2017 02:47:14 -0400
User-agent: Mutt/1.8.3 (2017-05-23) 
On Fri, Jun 30, 2017 at 12:27:57AM +0200, Ludovic Courtès wrote:
> > -    (native-inputs `(("pkg-config" ,pkg-config)))
> > +    (arguments
> > +     `(#:phases
> > +       (modify-phases %standard-phases
> > +         (add-before 'configure 'bootstrap
> > +           (lambda _ (zero? (system* "autoreconf" "-vfi")))))))
> > +    (native-inputs `(("pkg-config" ,pkg-config)
> > +                     ;; XXX For bootstrapping. Remove for the next Shishi
> > +                     ;; release after 1.0.2.
> > +                     ("autoconf" ,autoconf)
> > +                     ("automake" ,automake)
> > +                     ("gettext" ,gnu-gettext)
> > +                     ("libtool" ,libtool)
> > +                     ("texinfo" ,texinfo)))
> 
> I think you can achieve the same result but without adding these
> dependencies etc. just by adding:
> 
>   #:configure-flags '("ac_cv_libgcrypt=yes")
> 
> which I think is marginally better (but no big deal).

Yes, that's better. I built Shishi and GSS with it locally, pushed, and
started a core-updates evaluation.

But I don't know if we will hit this evaluation failure also on
core-updates since I merged master:

https://lists.gnu.org/archive/html/guix-devel/2017-06/msg00349.html

Attachment: signature.asc
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]