GNU bug report logs - #27308
[PATCH] gnu: gnutls: Replace with 3.5.13.

Previous Next

Package: guix-patches;

Reported by: Marius Bakke <mbakke <at> fastmail.com>

Date: Sat, 10 Jun 2017 14:00:03 UTC

Severity: normal

Tags: patch

Done: Marius Bakke <mbakke <at> fastmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Leo Famulari <leo <at> famulari.name>
To: Marius Bakke <mbakke <at> fastmail.com>
Cc: 27308 <at> debbugs.gnu.org
Subject: bug#27308: [PATCH] gnu: gnutls: Replace with 3.5.13.
Date: Sat, 10 Jun 2017 19:05:37 -0400

[Message part 1 (text/plain, inline)]

On Sat, Jun 10, 2017 at 08:07:57PM +0200, Marius Bakke wrote:
> Thinking further about this, replacing a string of a fixed length with
> that of another sounds highly unsafe. So I'm not sure what the best
> approach here is. Maybe some dummy version number like 3.5.a? Or simply
> keep 3.5.9?

We did something similar when grafting bash [0], changing 4.4.0 to
4.4.A. It's not great, but it worked.

[0] commit 50b8a527efe375ac5377670ff0f159fbbce45312 (gnu: bash: Add
graft for patch #7 [fixes CVE-2017-5932].).

https://git.savannah.gnu.org/cgit/guix.git/commit/?id=50b8a527efe375ac5377670ff0f159fbbce45312

[signature.asc (application/pgp-signature, inline)]

This bug report was last modified 7 years and 346 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #27308 [PATCH] gnu: gnutls: Replace with 3.5.13.

GNU bug report logs - #27308
[PATCH] gnu: gnutls: Replace with 3.5.13.