From unknown Wed Jun 25 00:24:53 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#29158] [PATCH] gnu: ncurses: Update to 6.0-20170930. Resent-From: Marius Bakke Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sun, 05 Nov 2017 13:39:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 29158 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 29158@debbugs.gnu.org Cc: Marius Bakke X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.150988913526904 (code B ref -1); Sun, 05 Nov 2017 13:39:02 +0000 Received: (at submit) by debbugs.gnu.org; 5 Nov 2017 13:38:55 +0000 Received: from localhost ([127.0.0.1]:51333 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eBL8S-0006zk-TP for submit@debbugs.gnu.org; Sun, 05 Nov 2017 08:38:55 -0500 Received: from eggs.gnu.org ([208.118.235.92]:38354) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eBL8O-0006zQ-5T for submit@debbugs.gnu.org; Sun, 05 Nov 2017 08:38:46 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eBL8H-0001aV-11 for submit@debbugs.gnu.org; Sun, 05 Nov 2017 08:38:39 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,FREEMAIL_FROM, T_DKIM_INVALID autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:48898) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eBL8G-0001aP-TM for submit@debbugs.gnu.org; Sun, 05 Nov 2017 08:38:36 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:57532) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eBL8E-0004dB-SM for guix-patches@gnu.org; Sun, 05 Nov 2017 08:38:36 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eBL8A-0001Y2-OT for guix-patches@gnu.org; Sun, 05 Nov 2017 08:38:34 -0500 Received: from out4-smtp.messagingengine.com ([66.111.4.28]:52893) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eBL8A-0001Wv-9m for guix-patches@gnu.org; Sun, 05 Nov 2017 08:38:30 -0500 Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 8054420AE2; Sun, 5 Nov 2017 08:38:28 -0500 (EST) Received: from frontend1 ([10.202.2.160]) by compute5.internal (MEProxy); Sun, 05 Nov 2017 08:38:28 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.com; h= cc:date:from:message-id:subject:to:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; bh=E/vB47mUXTGLMFMPri+7z2EWukTQDLj26Dx3C+bbj As=; b=d7k4phBNM0zcA5ZuYuO4z67tIl7mtaa3eKGen3A+j+e0IHq/472nxt4uE RiDB9PWZ9HONJa1Zg+CFUsYHsDd21uBi7DkGlm52jdHZ63bzGlaZmiLn0vTUDIdd qOStV2XU+4ggD/3hoVJSMczqQz1SrWyRyU+FLooKZbDgZTB/RN4jOY8ILgas9hPa u35x21cbVxZeIGCgs45hbHA9KUoA8VxvF1RJyyVD/KQPZxyT+Yse4d6YSkUNS0fn Z5DeDE2iXX7vgTlC4P7vyvAIczmSXyor3MXYEK7naEySROUkAcjx2wPrWn6L96Ix 3vMjc2+eFWPvVExvDOs8nL2wZ/wVg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:date:from:message-id:subject:to :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=E/vB47mUXTGLMFMPr i+7z2EWukTQDLj26Dx3C+bbjAs=; b=bWvYlS5aOS8qGpLSTKys8y/8zcPbfqyGG BALf/LQ3z2m/zM4nGVKpC+6SBWkl2SpDT10bh2j2H08igUUOe7fjeMim0GGLhhgR rYVbki8CfmqtjLHvDPSs6UgcotEiwBnMiVyigfo6qEN3DGyeCdmi3N6k/JfShp2/ VOs82hHj93owMBoH1Od1WDBdpGs0bamnuMW1lhQQtMCxiT2oYkXAuyJa6ueZRING ud7q5s2kRKTZ8MQO9gWdMVPIntitORYkvkVQeT9/0EnElYpXIS/lvuONUpH2Ew3U JQpD88cXpJaYCog8C/eEQDn62bu8URXpdhl546XDwWqZOvFxmYjXw== X-ME-Sender: Received: from localhost (cm-84.214.173.174.getinternet.no [84.214.173.174]) by mail.messagingengine.com (Postfix) with ESMTPA id 0F6C77FAA1; Sun, 5 Nov 2017 08:38:27 -0500 (EST) From: Marius Bakke Date: Sun, 5 Nov 2017 14:38:24 +0100 Message-Id: <20171105133824.25101-1-mbakke@fastmail.com> X-Mailer: git-send-email 2.15.0 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.4 (----) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.7 (/) * gnu/packages/ncurses.scm (ncurses): Update to 6.0-20170930. [source](patches): Remove. [source](uri): Adjust to version suffix. [arguments]: Add 'apply-rollup-patch' phase. [native-inputs]: Add a "rollup-patch" origin. * gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/ncurses.scm | 33 +++- .../patches/ncurses-CVE-2017-10684-10685.patch | 200 --------------------- 3 files changed, 28 insertions(+), 206 deletions(-) delete mode 100644 gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch diff --git a/gnu/local.mk b/gnu/local.mk index 8e562c018..ecd80d198 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -890,7 +890,6 @@ dist_patch_DATA = \ %D%/packages/patches/mupdf-CVE-2017-15587.patch \ %D%/packages/patches/mupen64plus-ui-console-notice.patch \ %D%/packages/patches/mutt-store-references.patch \ - %D%/packages/patches/ncurses-CVE-2017-10684-10685.patch \ %D%/packages/patches/net-tools-bitrot.patch \ %D%/packages/patches/netcdf-date-time.patch \ %D%/packages/patches/netcdf-tst_h_par.patch \ diff --git a/gnu/packages/ncurses.scm b/gnu/packages/ncurses.scm index 9f5905bc8..5a1486fcc 100644 --- a/gnu/packages/ncurses.scm +++ b/gnu/packages/ncurses.scm @@ -38,12 +38,12 @@ (define-public ncurses (package (name "ncurses") - (version "6.0") + (version "6.0-20170930") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/ncurses/ncurses-" - version ".tar.gz")) - (patches (search-patches "ncurses-CVE-2017-10684-10685.patch")) + (car (string-split version #\-)) + ".tar.gz")) (sha256 (base32 "0q3jck7lna77z5r42f13c4xglc7azd19pxfrjrpgp2yf615w4lgm")))) @@ -71,6 +71,12 @@ (cons (string-append "--host=" target) configure-flags) configure-flags)))))) + (apply-rollup-patch-phase + '(lambda* (#:key inputs #:allow-other-keys) + (copy-file (assoc-ref inputs "rollup-patch") + (string-append (getcwd) "/rollup-patch.sh.bz2")) + (and (zero? (system* "bzip2" "-d" "rollup-patch.sh.bz2")) + (zero? (system* "sh" "rollup-patch.sh"))))) (remove-shebang-phase '(lambda _ ;; To avoid retaining a reference to the bootstrap Bash via the @@ -166,6 +172,8 @@ ,@(if (target-mingw?) '("--enable-term-driver") '())))) #:tests? #f ; no "check" target #:phases (modify-phases %standard-phases + (add-after 'unpack 'apply-rollup-patch + ,apply-rollup-patch-phase) (replace 'configure ,configure-phase) (add-after 'install 'post-install ,post-install-phase) @@ -174,8 +182,23 @@ (add-after 'unpack 'remove-unneeded-shebang ,remove-shebang-phase))))) (self-native-input? #t) ; for `tic' - (native-inputs - `(("pkg-config" ,pkg-config))) + (native-inputs + `(("pkg-config" ,pkg-config) + + ;; Ncurses distributes "stable" patchsets to be applied on top + ;; of the release tarball. These are only available as shell + ;; scripts(!) so we decompress and apply them in a phase. + ;; See . + ("rollup-patch" + ,(origin + (method url-fetch) + (uri (string-append + "https://invisible-mirror.net/archives/ncurses/" + (car (string-split version #\-)) + "/ncurses-" version "-patch.sh.bz2")) + (sha256 + (base32 + "08a1pp8wnj1fwpa1pz3fgrmd6xwp21idniswqz8lx3w3z2nb4ydi")))))) (native-search-paths (list (search-path-specification (variable "TERMINFO_DIRS") diff --git a/gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch b/gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch deleted file mode 100644 index 1f1b26801..000000000 --- a/gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch +++ /dev/null @@ -1,200 +0,0 @@ -Fix CVE-2017-10684 and CVE-2017-10685: - -http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10684 -http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10685 - -Bug reports included proof of concept reproducer inputs: - -https://bugzilla.redhat.com/show_bug.cgi?id=1464684 -https://bugzilla.redhat.com/show_bug.cgi?id=1464685 -https://bugzilla.redhat.com/show_bug.cgi?id=1464686 -https://bugzilla.redhat.com/show_bug.cgi?id=1464687 -https://bugzilla.redhat.com/show_bug.cgi?id=1464688 -https://bugzilla.redhat.com/show_bug.cgi?id=1464691 -https://bugzilla.redhat.com/show_bug.cgi?id=1464692 - -Patches copied from ncurses patch release 20170701: - -ftp://invisible-island.net/ncurses/6.0/ncurses-6.0-20170701.patch.gz - -Excerpt from patch release announcement: - - + add/improve checks in tic's parser to address invalid input - (Redhat #1464684, #1464685, #1464686, #1464691). - + alloc_entry.c, add a check for a null-pointer. - + parse_entry.c, add several checks for valid pointers as well as - one check to ensure that a single character on a line is not - treated as the 2-character termcap short-name. - + the fixes for Redhat #1464685 obscured a problem subsequently - reported in Redhat #1464687; the given test-case was no longer - reproducible. Testing without the fixes for the earlier reports - showed a problem with buffer overflow in dump_entry.c, which is - addressed by reducing the use of a fixed-size buffer. - -https://lists.gnu.org/archive/html/bug-ncurses/2017-07/msg00001.html - ---- ncurses-6.0-20170624+/ncurses/tinfo/alloc_entry.c 2017-04-09 23:33:51.000000000 +0000 -+++ ncurses-6.0-20170701/ncurses/tinfo/alloc_entry.c 2017-06-27 23:48:55.000000000 +0000 -@@ -96,7 +96,11 @@ - { - char *result = 0; - size_t old_next_free = next_free; -- size_t len = strlen(string) + 1; -+ size_t len; -+ -+ if (string == 0) -+ return _nc_save_str(""); -+ len = strlen(string) + 1; - - if (len == 1 && next_free != 0) { - /* ---- ncurses-6.0-20170624+/ncurses/tinfo/parse_entry.c 2017-06-24 22:59:46.000000000 +0000 -+++ ncurses-6.0-20170701/ncurses/tinfo/parse_entry.c 2017-06-28 00:53:12.000000000 +0000 -@@ -236,13 +236,14 @@ - * implemented it. Note that the resulting terminal type was never the - * 2-character name, but was instead the first alias after that. - */ -+#define ok_TC2(s) (isgraph(UChar(s)) && (s) != '|') - ptr = _nc_curr_token.tk_name; - if (_nc_syntax == SYN_TERMCAP - #if NCURSES_XNAMES - && !_nc_user_definable - #endif - ) { -- if (ptr[2] == '|') { -+ if (ok_TC2(ptr[0]) && ok_TC2(ptr[1]) && (ptr[2] == '|')) { - ptr += 3; - _nc_curr_token.tk_name[2] = '\0'; - } -@@ -284,9 +285,11 @@ - if (is_use || is_tc) { - entryp->uses[entryp->nuses].name = _nc_save_str(_nc_curr_token.tk_valstring); - entryp->uses[entryp->nuses].line = _nc_curr_line; -- entryp->nuses++; -- if (entryp->nuses > 1 && is_tc) { -- BAD_TC_USAGE -+ if (VALID_STRING(entryp->uses[entryp->nuses].name)) { -+ entryp->nuses++; -+ if (entryp->nuses > 1 && is_tc) { -+ BAD_TC_USAGE -+ } - } - } else { - /* normal token lookup */ -@@ -588,7 +591,7 @@ - static void - append_acs(string_desc * dst, int code, char *src) - { -- if (src != 0 && strlen(src) == 1) { -+ if (VALID_STRING(src) && strlen(src) == 1) { - append_acs0(dst, code, *src); - } - } -@@ -849,15 +852,14 @@ - } - - if (tp->Strings[to_ptr->nte_index]) { -+ const char *s = tp->Strings[from_ptr->nte_index]; -+ const char *t = tp->Strings[to_ptr->nte_index]; - /* There's no point in warning about it if it's the same - * string; that's just an inefficiency. - */ -- if (strcmp( -- tp->Strings[from_ptr->nte_index], -- tp->Strings[to_ptr->nte_index]) != 0) -+ if (VALID_STRING(s) && VALID_STRING(t) && strcmp(s, t) != 0) - _nc_warning("%s (%s) already has an explicit value %s, ignoring ko", -- ap->to, ap->from, -- _nc_visbuf(tp->Strings[to_ptr->nte_index])); -+ ap->to, ap->from, t); - continue; - } - ---- ncurses-6.0-20170624+/progs/dump_entry.c 2017-06-23 22:47:43.000000000 +0000 -+++ ncurses-6.0-20170701/progs/dump_entry.c 2017-07-01 11:27:29.000000000 +0000 -@@ -841,9 +841,10 @@ - PredIdx num_strings = 0; - bool outcount = 0; - --#define WRAP_CONCAT \ -- wrap_concat(buffer); \ -- outcount = TRUE -+#define WRAP_CONCAT1(s) wrap_concat(s); outcount = TRUE -+#define WRAP_CONCAT2(a,b) wrap_concat(a); WRAP_CONCAT1(b) -+#define WRAP_CONCAT3(a,b,c) wrap_concat(a); WRAP_CONCAT2(b,c) -+#define WRAP_CONCAT WRAP_CONCAT1(buffer) - - len = 12; /* terminfo file-header */ - -@@ -1007,9 +1008,9 @@ - set_attributes = save_sgr; - - trimmed_sgr0 = _nc_trim_sgr0(tterm); -- if (strcmp(capability, trimmed_sgr0)) -+ if (strcmp(capability, trimmed_sgr0)) { - capability = trimmed_sgr0; -- else { -+ } else { - if (trimmed_sgr0 != exit_attribute_mode) - free(trimmed_sgr0); - } -@@ -1046,13 +1047,21 @@ - _nc_SPRINTF(buffer, _nc_SLIMIT(sizeof(buffer)) - "%s=!!! %s WILL NOT CONVERT !!!", - name, srccap); -+ WRAP_CONCAT; - } else if (suppress_untranslatable) { - continue; - } else { - char *s = srccap, *d = buffer; -- _nc_SPRINTF(d, _nc_SLIMIT(sizeof(buffer)) "..%s=", name); -- d += strlen(d); -+ WRAP_CONCAT3("..", name, "="); - while ((*d = *s++) != 0) { -+ if ((d - buffer - 1) >= (int) sizeof(buffer)) { -+ fprintf(stderr, -+ "%s: value for %s is too long\n", -+ _nc_progname, -+ name); -+ *d = '\0'; -+ break; -+ } - if (*d == ':') { - *d++ = '\\'; - *d = ':'; -@@ -1061,13 +1070,12 @@ - } - d++; - } -+ WRAP_CONCAT; - } - } else { -- _nc_SPRINTF(buffer, _nc_SLIMIT(sizeof(buffer)) -- "%s=%s", name, cv); -+ WRAP_CONCAT3(name, "=", cv); - } - len += (int) strlen(capability) + 1; -- WRAP_CONCAT; - } else { - char *src = _nc_tic_expand(capability, - outform == F_TERMINFO, numbers); -@@ -1083,8 +1091,7 @@ - strcpy_DYN(&tmpbuf, src); - } - len += (int) strlen(capability) + 1; -- wrap_concat(tmpbuf.text); -- outcount = TRUE; -+ WRAP_CONCAT1(tmpbuf.text); - } - } - /* e.g., trimmed_sgr0 */ -@@ -1526,7 +1533,8 @@ - } - if (len > critlen) { - (void) fprintf(stderr, -- "warning: %s entry is %d bytes long\n", -+ "%s: %s entry is %d bytes long\n", -+ _nc_progname, - _nc_first_name(tterm->term_names), - len); - SHOW_WHY("# WARNING: this entry, %d bytes long, may core-dump %s libraries!\n", -- 2.15.0 From unknown Wed Jun 25 00:24:53 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Marius Bakke Subject: bug#29158: closed (Re: [PATCH] gnu: ncurses: Update to 6.0-20170930.) Message-ID: References: <87wp2mtitx.fsf@fastmail.com> <20171105133824.25101-1-mbakke@fastmail.com> X-Gnu-PR-Message: they-closed 29158 X-Gnu-PR-Package: guix-patches X-Gnu-PR-Keywords: patch Reply-To: 29158@debbugs.gnu.org Date: Sun, 19 Nov 2017 15:01:02 +0000 Content-Type: multipart/mixed; boundary="----------=_1511103662-801-1" This is a multi-part message in MIME format... ------------=_1511103662-801-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #29158: [PATCH] gnu: ncurses: Update to 6.0-20170930. which was filed against the guix-patches package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 29158@debbugs.gnu.org. --=20 29158: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D29158 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1511103662-801-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 29158-done) by debbugs.gnu.org; 19 Nov 2017 15:00:02 +0000 Received: from localhost ([127.0.0.1]:47655 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eGR4k-0000AP-7N for submit@debbugs.gnu.org; Sun, 19 Nov 2017 10:00:02 -0500 Received: from out4-smtp.messagingengine.com ([66.111.4.28]:40707) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eGR4f-00009j-GY for 29158-done@debbugs.gnu.org; Sun, 19 Nov 2017 10:00:00 -0500 Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 69FFD20974 for <29158-done@debbugs.gnu.org>; Sun, 19 Nov 2017 09:59:56 -0500 (EST) Received: from frontend2 ([10.202.2.161]) by compute5.internal (MEProxy); Sun, 19 Nov 2017 09:59:56 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.com; h= content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to:x-me-sender:x-me-sender:x-sasl-enc; s= fm1; bh=CCfZiti7M/hH5xNBzPEwJOzoBZjy4ycxXGliUHlAveE=; b=XxuVpwr3 GwELj1UD+ADas9R/l79Fysd5lP8l81I78yBga2v5NqznAPP+OK8vL/9gvVdPZEEr +zJDYG4OoftQKZ6AZhCieBoDn1iBVrQ4ELNLH/QnEPr1cTs9V7pJWIakx7N+93Rn WJOz8+xS4FO1VGADSoQMgtm1GxZv4eLNDaudqEqAFTO8fmbI7zNn2SyOubWsczdf 6VP9A+2Ra87z7Mk/0CKeLQf4bvDUdvo/QFQNmSJZ7nuMVgI0qFMfstBKn0klow6w T4nMjND1jligFKwiB8OOh/OWqej6C0X+kX4tm46EFYI0Iz/ivG0CNrJrSXthIJVq EgMXoey94lyj+Q== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; bh=CCfZiti7M/hH5xNBzPEwJOzoBZjy4 ycxXGliUHlAveE=; b=T2af8vUHKMcuymGEnDDCjRG8VpT0Js5JVs+E6ApJpwz0+ 5RBCK03nV7i+uC9Teml6pbRSlqWcvR+MOASkuXAhbzkq3BLDDZCae+nBdGb3UTaK /u84fVdTcF2bfB0GCJjQeHMqVDyy/qoMw6vwShpTVtj+rqESmokzywQgnSKUTLsl cbVkY2YoK7NGbogoJ8xBdV878Et9mGIdAwe+CEEpTioyOvHeu1unUgOK07lMxKjc CB+m5VFcLTZHzJGAE37NxyngB9KTMQeDUO/v7nnnsTL6p9mOwcUA8xKnQr2z2UIS ZNwxfEJYsNudPPqiI0ZD4drNAWA6Oyz+eQ5pkJALg== X-ME-Sender: Received: from localhost (cm-84.214.173.174.getinternet.no [84.214.173.174]) by mail.messagingengine.com (Postfix) with ESMTPA id E7F7124254 for <29158-done@debbugs.gnu.org>; Sun, 19 Nov 2017 09:59:55 -0500 (EST) From: Marius Bakke To: 29158-done@debbugs.gnu.org Subject: Re: [PATCH] gnu: ncurses: Update to 6.0-20170930. In-Reply-To: <20171105133824.25101-1-mbakke@fastmail.com> References: <20171105133824.25101-1-mbakke@fastmail.com> User-Agent: Notmuch/0.25.2 (https://notmuchmail.org) Emacs/25.3.1 (x86_64-pc-linux-gnu) Date: Sun, 19 Nov 2017 15:59:54 +0100 Message-ID: <87wp2mtitx.fsf@fastmail.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 29158-done X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) --=-=-= Content-Type: text/plain Marius Bakke writes: > * gnu/packages/ncurses.scm (ncurses): Update to 6.0-20170930. > [source](patches): Remove. > [source](uri): Adjust to version suffix. > [arguments]: Add 'apply-rollup-patch' phase. > [native-inputs]: Add a "rollup-patch" origin. > * gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch: Delete file. > * gnu/local.mk (dist_patch_DATA): Remove it. Since there were no comments in two weeks, I have 'staged' this in my local queue for core-updates and will push later today/tomorrow. Ludo: Is the kernel on Hydra upgraded now? Let's start a new 'core' evaluation once this patch makes it. --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEyBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAloRnGoACgkQoqBt8qM6 VPpAcAf47ObwxfWoNSfb321kpiFCTcoqM0OlALi/v2/ZSTgx5+TfofDQ7Bhb1CYC dTYT7DrFbg/3aac30J9T3AvrsaOiyB72OB5JZh6aPxC8TBLMbqc2Rsrhz58+4SZT YewjG5rI5y9XjAe/cQ52PUcB0O69LIiMAgTVJGNtYpv25KqEGbUjr7KdeHNvxdjs k+mZFFPdpblhjLf8IjE2/osxHeVeQsJrNiay8kiOEe5YegriU+k/gnwFP+sLc26c WZtQLlqLQoJo/yjtrHh2vLyxK3WwyR4WJJPYmrxkaXijj0IRQ9kuAM0nAdSZq96o FaIFXWB5Xc8PV+uxgfAbEJVmH+Yc =Tgjc -----END PGP SIGNATURE----- --=-=-=-- ------------=_1511103662-801-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 5 Nov 2017 13:38:55 +0000 Received: from localhost ([127.0.0.1]:51333 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eBL8S-0006zk-TP for submit@debbugs.gnu.org; Sun, 05 Nov 2017 08:38:55 -0500 Received: from eggs.gnu.org ([208.118.235.92]:38354) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eBL8O-0006zQ-5T for submit@debbugs.gnu.org; Sun, 05 Nov 2017 08:38:46 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eBL8H-0001aV-11 for submit@debbugs.gnu.org; Sun, 05 Nov 2017 08:38:39 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,FREEMAIL_FROM, T_DKIM_INVALID autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:48898) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eBL8G-0001aP-TM for submit@debbugs.gnu.org; Sun, 05 Nov 2017 08:38:36 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:57532) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eBL8E-0004dB-SM for guix-patches@gnu.org; Sun, 05 Nov 2017 08:38:36 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eBL8A-0001Y2-OT for guix-patches@gnu.org; Sun, 05 Nov 2017 08:38:34 -0500 Received: from out4-smtp.messagingengine.com ([66.111.4.28]:52893) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eBL8A-0001Wv-9m for guix-patches@gnu.org; Sun, 05 Nov 2017 08:38:30 -0500 Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 8054420AE2; Sun, 5 Nov 2017 08:38:28 -0500 (EST) Received: from frontend1 ([10.202.2.160]) by compute5.internal (MEProxy); Sun, 05 Nov 2017 08:38:28 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.com; h= cc:date:from:message-id:subject:to:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; bh=E/vB47mUXTGLMFMPri+7z2EWukTQDLj26Dx3C+bbj As=; b=d7k4phBNM0zcA5ZuYuO4z67tIl7mtaa3eKGen3A+j+e0IHq/472nxt4uE RiDB9PWZ9HONJa1Zg+CFUsYHsDd21uBi7DkGlm52jdHZ63bzGlaZmiLn0vTUDIdd qOStV2XU+4ggD/3hoVJSMczqQz1SrWyRyU+FLooKZbDgZTB/RN4jOY8ILgas9hPa u35x21cbVxZeIGCgs45hbHA9KUoA8VxvF1RJyyVD/KQPZxyT+Yse4d6YSkUNS0fn Z5DeDE2iXX7vgTlC4P7vyvAIczmSXyor3MXYEK7naEySROUkAcjx2wPrWn6L96Ix 3vMjc2+eFWPvVExvDOs8nL2wZ/wVg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:date:from:message-id:subject:to :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=E/vB47mUXTGLMFMPr i+7z2EWukTQDLj26Dx3C+bbjAs=; b=bWvYlS5aOS8qGpLSTKys8y/8zcPbfqyGG BALf/LQ3z2m/zM4nGVKpC+6SBWkl2SpDT10bh2j2H08igUUOe7fjeMim0GGLhhgR rYVbki8CfmqtjLHvDPSs6UgcotEiwBnMiVyigfo6qEN3DGyeCdmi3N6k/JfShp2/ VOs82hHj93owMBoH1Od1WDBdpGs0bamnuMW1lhQQtMCxiT2oYkXAuyJa6ueZRING ud7q5s2kRKTZ8MQO9gWdMVPIntitORYkvkVQeT9/0EnElYpXIS/lvuONUpH2Ew3U JQpD88cXpJaYCog8C/eEQDn62bu8URXpdhl546XDwWqZOvFxmYjXw== X-ME-Sender: Received: from localhost (cm-84.214.173.174.getinternet.no [84.214.173.174]) by mail.messagingengine.com (Postfix) with ESMTPA id 0F6C77FAA1; Sun, 5 Nov 2017 08:38:27 -0500 (EST) From: Marius Bakke To: guix-patches@gnu.org Subject: [PATCH] gnu: ncurses: Update to 6.0-20170930. Date: Sun, 5 Nov 2017 14:38:24 +0100 Message-Id: <20171105133824.25101-1-mbakke@fastmail.com> X-Mailer: git-send-email 2.15.0 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.4 (----) X-Debbugs-Envelope-To: submit Cc: Marius Bakke X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.7 (/) * gnu/packages/ncurses.scm (ncurses): Update to 6.0-20170930. [source](patches): Remove. [source](uri): Adjust to version suffix. [arguments]: Add 'apply-rollup-patch' phase. [native-inputs]: Add a "rollup-patch" origin. * gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/ncurses.scm | 33 +++- .../patches/ncurses-CVE-2017-10684-10685.patch | 200 --------------------- 3 files changed, 28 insertions(+), 206 deletions(-) delete mode 100644 gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch diff --git a/gnu/local.mk b/gnu/local.mk index 8e562c018..ecd80d198 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -890,7 +890,6 @@ dist_patch_DATA = \ %D%/packages/patches/mupdf-CVE-2017-15587.patch \ %D%/packages/patches/mupen64plus-ui-console-notice.patch \ %D%/packages/patches/mutt-store-references.patch \ - %D%/packages/patches/ncurses-CVE-2017-10684-10685.patch \ %D%/packages/patches/net-tools-bitrot.patch \ %D%/packages/patches/netcdf-date-time.patch \ %D%/packages/patches/netcdf-tst_h_par.patch \ diff --git a/gnu/packages/ncurses.scm b/gnu/packages/ncurses.scm index 9f5905bc8..5a1486fcc 100644 --- a/gnu/packages/ncurses.scm +++ b/gnu/packages/ncurses.scm @@ -38,12 +38,12 @@ (define-public ncurses (package (name "ncurses") - (version "6.0") + (version "6.0-20170930") (source (origin (method url-fetch) (uri (string-append "mirror://gnu/ncurses/ncurses-" - version ".tar.gz")) - (patches (search-patches "ncurses-CVE-2017-10684-10685.patch")) + (car (string-split version #\-)) + ".tar.gz")) (sha256 (base32 "0q3jck7lna77z5r42f13c4xglc7azd19pxfrjrpgp2yf615w4lgm")))) @@ -71,6 +71,12 @@ (cons (string-append "--host=" target) configure-flags) configure-flags)))))) + (apply-rollup-patch-phase + '(lambda* (#:key inputs #:allow-other-keys) + (copy-file (assoc-ref inputs "rollup-patch") + (string-append (getcwd) "/rollup-patch.sh.bz2")) + (and (zero? (system* "bzip2" "-d" "rollup-patch.sh.bz2")) + (zero? (system* "sh" "rollup-patch.sh"))))) (remove-shebang-phase '(lambda _ ;; To avoid retaining a reference to the bootstrap Bash via the @@ -166,6 +172,8 @@ ,@(if (target-mingw?) '("--enable-term-driver") '())))) #:tests? #f ; no "check" target #:phases (modify-phases %standard-phases + (add-after 'unpack 'apply-rollup-patch + ,apply-rollup-patch-phase) (replace 'configure ,configure-phase) (add-after 'install 'post-install ,post-install-phase) @@ -174,8 +182,23 @@ (add-after 'unpack 'remove-unneeded-shebang ,remove-shebang-phase))))) (self-native-input? #t) ; for `tic' - (native-inputs - `(("pkg-config" ,pkg-config))) + (native-inputs + `(("pkg-config" ,pkg-config) + + ;; Ncurses distributes "stable" patchsets to be applied on top + ;; of the release tarball. These are only available as shell + ;; scripts(!) so we decompress and apply them in a phase. + ;; See . + ("rollup-patch" + ,(origin + (method url-fetch) + (uri (string-append + "https://invisible-mirror.net/archives/ncurses/" + (car (string-split version #\-)) + "/ncurses-" version "-patch.sh.bz2")) + (sha256 + (base32 + "08a1pp8wnj1fwpa1pz3fgrmd6xwp21idniswqz8lx3w3z2nb4ydi")))))) (native-search-paths (list (search-path-specification (variable "TERMINFO_DIRS") diff --git a/gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch b/gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch deleted file mode 100644 index 1f1b26801..000000000 --- a/gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch +++ /dev/null @@ -1,200 +0,0 @@ -Fix CVE-2017-10684 and CVE-2017-10685: - -http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10684 -http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10685 - -Bug reports included proof of concept reproducer inputs: - -https://bugzilla.redhat.com/show_bug.cgi?id=1464684 -https://bugzilla.redhat.com/show_bug.cgi?id=1464685 -https://bugzilla.redhat.com/show_bug.cgi?id=1464686 -https://bugzilla.redhat.com/show_bug.cgi?id=1464687 -https://bugzilla.redhat.com/show_bug.cgi?id=1464688 -https://bugzilla.redhat.com/show_bug.cgi?id=1464691 -https://bugzilla.redhat.com/show_bug.cgi?id=1464692 - -Patches copied from ncurses patch release 20170701: - -ftp://invisible-island.net/ncurses/6.0/ncurses-6.0-20170701.patch.gz - -Excerpt from patch release announcement: - - + add/improve checks in tic's parser to address invalid input - (Redhat #1464684, #1464685, #1464686, #1464691). - + alloc_entry.c, add a check for a null-pointer. - + parse_entry.c, add several checks for valid pointers as well as - one check to ensure that a single character on a line is not - treated as the 2-character termcap short-name. - + the fixes for Redhat #1464685 obscured a problem subsequently - reported in Redhat #1464687; the given test-case was no longer - reproducible. Testing without the fixes for the earlier reports - showed a problem with buffer overflow in dump_entry.c, which is - addressed by reducing the use of a fixed-size buffer. - -https://lists.gnu.org/archive/html/bug-ncurses/2017-07/msg00001.html - ---- ncurses-6.0-20170624+/ncurses/tinfo/alloc_entry.c 2017-04-09 23:33:51.000000000 +0000 -+++ ncurses-6.0-20170701/ncurses/tinfo/alloc_entry.c 2017-06-27 23:48:55.000000000 +0000 -@@ -96,7 +96,11 @@ - { - char *result = 0; - size_t old_next_free = next_free; -- size_t len = strlen(string) + 1; -+ size_t len; -+ -+ if (string == 0) -+ return _nc_save_str(""); -+ len = strlen(string) + 1; - - if (len == 1 && next_free != 0) { - /* ---- ncurses-6.0-20170624+/ncurses/tinfo/parse_entry.c 2017-06-24 22:59:46.000000000 +0000 -+++ ncurses-6.0-20170701/ncurses/tinfo/parse_entry.c 2017-06-28 00:53:12.000000000 +0000 -@@ -236,13 +236,14 @@ - * implemented it. Note that the resulting terminal type was never the - * 2-character name, but was instead the first alias after that. - */ -+#define ok_TC2(s) (isgraph(UChar(s)) && (s) != '|') - ptr = _nc_curr_token.tk_name; - if (_nc_syntax == SYN_TERMCAP - #if NCURSES_XNAMES - && !_nc_user_definable - #endif - ) { -- if (ptr[2] == '|') { -+ if (ok_TC2(ptr[0]) && ok_TC2(ptr[1]) && (ptr[2] == '|')) { - ptr += 3; - _nc_curr_token.tk_name[2] = '\0'; - } -@@ -284,9 +285,11 @@ - if (is_use || is_tc) { - entryp->uses[entryp->nuses].name = _nc_save_str(_nc_curr_token.tk_valstring); - entryp->uses[entryp->nuses].line = _nc_curr_line; -- entryp->nuses++; -- if (entryp->nuses > 1 && is_tc) { -- BAD_TC_USAGE -+ if (VALID_STRING(entryp->uses[entryp->nuses].name)) { -+ entryp->nuses++; -+ if (entryp->nuses > 1 && is_tc) { -+ BAD_TC_USAGE -+ } - } - } else { - /* normal token lookup */ -@@ -588,7 +591,7 @@ - static void - append_acs(string_desc * dst, int code, char *src) - { -- if (src != 0 && strlen(src) == 1) { -+ if (VALID_STRING(src) && strlen(src) == 1) { - append_acs0(dst, code, *src); - } - } -@@ -849,15 +852,14 @@ - } - - if (tp->Strings[to_ptr->nte_index]) { -+ const char *s = tp->Strings[from_ptr->nte_index]; -+ const char *t = tp->Strings[to_ptr->nte_index]; - /* There's no point in warning about it if it's the same - * string; that's just an inefficiency. - */ -- if (strcmp( -- tp->Strings[from_ptr->nte_index], -- tp->Strings[to_ptr->nte_index]) != 0) -+ if (VALID_STRING(s) && VALID_STRING(t) && strcmp(s, t) != 0) - _nc_warning("%s (%s) already has an explicit value %s, ignoring ko", -- ap->to, ap->from, -- _nc_visbuf(tp->Strings[to_ptr->nte_index])); -+ ap->to, ap->from, t); - continue; - } - ---- ncurses-6.0-20170624+/progs/dump_entry.c 2017-06-23 22:47:43.000000000 +0000 -+++ ncurses-6.0-20170701/progs/dump_entry.c 2017-07-01 11:27:29.000000000 +0000 -@@ -841,9 +841,10 @@ - PredIdx num_strings = 0; - bool outcount = 0; - --#define WRAP_CONCAT \ -- wrap_concat(buffer); \ -- outcount = TRUE -+#define WRAP_CONCAT1(s) wrap_concat(s); outcount = TRUE -+#define WRAP_CONCAT2(a,b) wrap_concat(a); WRAP_CONCAT1(b) -+#define WRAP_CONCAT3(a,b,c) wrap_concat(a); WRAP_CONCAT2(b,c) -+#define WRAP_CONCAT WRAP_CONCAT1(buffer) - - len = 12; /* terminfo file-header */ - -@@ -1007,9 +1008,9 @@ - set_attributes = save_sgr; - - trimmed_sgr0 = _nc_trim_sgr0(tterm); -- if (strcmp(capability, trimmed_sgr0)) -+ if (strcmp(capability, trimmed_sgr0)) { - capability = trimmed_sgr0; -- else { -+ } else { - if (trimmed_sgr0 != exit_attribute_mode) - free(trimmed_sgr0); - } -@@ -1046,13 +1047,21 @@ - _nc_SPRINTF(buffer, _nc_SLIMIT(sizeof(buffer)) - "%s=!!! %s WILL NOT CONVERT !!!", - name, srccap); -+ WRAP_CONCAT; - } else if (suppress_untranslatable) { - continue; - } else { - char *s = srccap, *d = buffer; -- _nc_SPRINTF(d, _nc_SLIMIT(sizeof(buffer)) "..%s=", name); -- d += strlen(d); -+ WRAP_CONCAT3("..", name, "="); - while ((*d = *s++) != 0) { -+ if ((d - buffer - 1) >= (int) sizeof(buffer)) { -+ fprintf(stderr, -+ "%s: value for %s is too long\n", -+ _nc_progname, -+ name); -+ *d = '\0'; -+ break; -+ } - if (*d == ':') { - *d++ = '\\'; - *d = ':'; -@@ -1061,13 +1070,12 @@ - } - d++; - } -+ WRAP_CONCAT; - } - } else { -- _nc_SPRINTF(buffer, _nc_SLIMIT(sizeof(buffer)) -- "%s=%s", name, cv); -+ WRAP_CONCAT3(name, "=", cv); - } - len += (int) strlen(capability) + 1; -- WRAP_CONCAT; - } else { - char *src = _nc_tic_expand(capability, - outform == F_TERMINFO, numbers); -@@ -1083,8 +1091,7 @@ - strcpy_DYN(&tmpbuf, src); - } - len += (int) strlen(capability) + 1; -- wrap_concat(tmpbuf.text); -- outcount = TRUE; -+ WRAP_CONCAT1(tmpbuf.text); - } - } - /* e.g., trimmed_sgr0 */ -@@ -1526,7 +1533,8 @@ - } - if (len > critlen) { - (void) fprintf(stderr, -- "warning: %s entry is %d bytes long\n", -+ "%s: %s entry is %d bytes long\n", -+ _nc_progname, - _nc_first_name(tterm->term_names), - len); - SHOW_WHY("# WARNING: this entry, %d bytes long, may core-dump %s libraries!\n", -- 2.15.0 ------------=_1511103662-801-1-- From unknown Wed Jun 25 00:24:53 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#29158] [PATCH] gnu: ncurses: Update to 6.0-20170930. Resent-From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 20 Nov 2017 09:37:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 29158 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 29158@debbugs.gnu.org Cc: mbakke@fastmail.com Received: via spool by 29158-submit@debbugs.gnu.org id=B29158.151117060524178 (code B ref 29158); Mon, 20 Nov 2017 09:37:02 +0000 Received: (at 29158) by debbugs.gnu.org; 20 Nov 2017 09:36:45 +0000 Received: from localhost ([127.0.0.1]:48297 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eGiVQ-0006Hu-NG for submit@debbugs.gnu.org; Mon, 20 Nov 2017 04:36:44 -0500 Received: from hera.aquilenet.fr ([141.255.128.1]:54590) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1eGiVL-0006Hj-QE for 29158@debbugs.gnu.org; Mon, 20 Nov 2017 04:36:43 -0500 Received: from localhost (localhost [127.0.0.1]) by hera.aquilenet.fr (Postfix) with ESMTP id 8B1FBF51A; Mon, 20 Nov 2017 10:36:41 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at aquilenet.fr Received: from hera.aquilenet.fr ([127.0.0.1]) by localhost (hera.aquilenet.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yQqPOMlzADqK; Mon, 20 Nov 2017 10:36:40 +0100 (CET) Received: from ribbon (nat-eduroam-36-gw-01-bso.bordeaux.inria.fr [194.199.1.36]) by hera.aquilenet.fr (Postfix) with ESMTPSA id F195CFD56; Mon, 20 Nov 2017 10:36:39 +0100 (CET) From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) References: <20171105133824.25101-1-mbakke@fastmail.com> <87wp2mtitx.fsf@fastmail.com> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 30 Brumaire an 226 de la =?UTF-8?Q?R=C3=A9volution?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Mon, 20 Nov 2017 10:36:37 +0100 In-Reply-To: <87wp2mtitx.fsf@fastmail.com> (Marius Bakke's message of "Sun, 19 Nov 2017 15:59:54 +0100") Message-ID: <87bmjx5m1m.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 1.0 (+) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.0 (+) Hello Marius! Marius Bakke skribis: > Marius Bakke writes: > >> * gnu/packages/ncurses.scm (ncurses): Update to 6.0-20170930. >> [source](patches): Remove. >> [source](uri): Adjust to version suffix. >> [arguments]: Add 'apply-rollup-patch' phase. >> [native-inputs]: Add a "rollup-patch" origin. >> * gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch: Delete file. >> * gnu/local.mk (dist_patch_DATA): Remove it. > > Since there were no comments in two weeks, I have 'staged' this in my > local queue for core-updates and will push later today/tomorrow. Sounds reasonable. > Ludo: Is the kernel on Hydra upgraded now? Let's start a new 'core' > evaluation once this patch makes it. Yes, the kernel is upgraded. These =E2=80=9Ccore=E2=80=9D evaluations are = relatively cheap, so you can start new ones maybe not too often, but without fear (I just did.) Thanks, Ludo=E2=80=99.