GNU bug report logs

#50698 [PATCH] WIP patches for recently-known hurd security vulnerabilities

PackageSource(s)Maintainer(s)
guix-patches PTS Buildd Popcon
Full log

Message #16 received at 50698@debbugs.gnu.org (full text, mbox, reply):

Received: (at 50698) by debbugs.gnu.org; 8 Oct 2021 07:40:27 +0000
From debbugs-submit-bounces@debbugs.gnu.org Fri Oct 08 03:40:27 2021
Received: from localhost ([127.0.0.1]:48957 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1mYkUV-00079R-7t
	for submit@debbugs.gnu.org; Fri, 08 Oct 2021 03:40:27 -0400
Received: from eggs.gnu.org ([209.51.188.92]:45470)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1mYkUT-00079C-Hw
 for 50698@debbugs.gnu.org; Fri, 08 Oct 2021 03:40:25 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:59956)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <ludo@gnu.org>)
 id 1mYkUO-0001SI-BN; Fri, 08 Oct 2021 03:40:20 -0400
Received: from [193.50.110.91] (port=39744 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@gnu.org>)
 id 1mYkUE-00021c-1b; Fri, 08 Oct 2021 03:40:20 -0400
From: Ludovic Courtès <ludo@gnu.org>
To: Maxime Devos <maximedevos@telenet.be>
Subject: Re: bug#50698: [PATCH] WIP patches for recently-known hurd security
 vulnerabilities
References: <727b3d7ec511589ab714874d6648ee4afa458e3c.camel@telenet.be>
 <87pmskq4mc.fsf@gnu.org>
 <bf180129911ad9c0accc9a17c497bae8bd482ad2.camel@telenet.be>
X-URL: http://www.fdn.fr/~lcourtes/
X-Revolutionary-Date: 17 Vendémiaire an 230 de la
 Révolution
X-PGP-Key-ID: 0x090B11993D9AEBB5
X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc
X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
X-OS: x86_64-pc-linux-gnu
Date: Fri, 08 Oct 2021 09:40:08 +0200
In-Reply-To: <bf180129911ad9c0accc9a17c497bae8bd482ad2.camel@telenet.be>
 (Maxime Devos's message of "Mon, 04 Oct 2021 17:00:43 +0200")
Message-ID: <87wnmo55if.fsf@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 50698
Cc: 50698@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Maxime Devos <maximedevos@telenet.be> skribis:

> Ludovic Courtès schreef op ma 04-10-2021 om 15:52 [+0200]:
>> > +(define glibc/fixed
>> > +  (package-with-extra-patches
>> > +   glibc
>> > +   (search-patches "glibc-hurd-sendmsg-SCM_CREDS.patch"
>> > +                   "glibc-hurd-proc-reauth.patch")))
>> 
>> Instead of a replacement, which makes no sense on GNU/Linux, could you
>> add a conditional phase for (hurd-target?) that applies the patches?
>
> A replacement would be useless on GNU/Linux, but harmless.

Performance-wise it would have an impact on GNU/Linux because we’d end
up grafting the new glibc on each and every package.

> Adding a phase (conditional on (hurd-target?)) to glibc
> calling 'patch' on these patches would be possible, but would
> cause a world-rebuild for GNU/Hurd (though not for GNU/Linux).
>
> Because i586-gnu is ‘experimental and under development’
> (according to (guix)GNU Distribution), I suppose the (partial)
> world-rebuild is acceptable here? 

Yes, I think it’s okay to have a world-rebuild limited to i586-gnu, even
more so that the “world” is pretty small there.  :-)
(It essentially stops at ‘util-linux’ currently.)

Thanks,
Ludo’.

Send a report that this bug log contains spam.

debbugs.gnu.org maintainers <help-debbugs@gnu.org>. Last modified: Sun Dec 22 01:19:55 2024; Machine Name: wallace-server

GNU bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.