GNU bug report logs - #29406
[PATCH core-updates]: Add selected upstream fixes for glibc 2.26.

Previous Next

Package: guix-patches;

Reported by: Marius Bakke <mbakke <at> fastmail.com>

Date: Wed, 22 Nov 2017 21:30:02 UTC

Severity: normal

Tags: patch

Done: ludo <at> gnu.org (Ludovic Courtès)

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Marius Bakke <mbakke <at> fastmail.com>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 29406 <at> debbugs.gnu.org, Leo Famulari <leo <at> famulari.name>
Subject: [bug#29406] [PATCH core-updates]: Add selected upstream fixes for glibc 2.26.
Date: Tue, 28 Nov 2017 13:54:57 +0100

[Message part 1 (text/plain, inline)]
Ludovic Courtès <ludo <at> gnu.org> writes:

> Hi,
>
> Marius Bakke <mbakke <at> fastmail.com> skribis:
>
>> From a5b022a355a0babdc4809f39f94b6662ea7789d1 Mon Sep 17 00:00:00 2001
>> From: Marius Bakke <mbakke <at> fastmail.com>
>> Date: Sat, 25 Nov 2017 19:17:28 +0100
>> Subject: [PATCH] gnu: glibc: Update to 2.26-91-gaaa2eb83b8.
>>
>> * gnu/packages/base.scm (glibc/linux): Update to 2.26-91-gaaa2eb83b8.
>> [source](uri): Download from alpha.gnu.org.
>> [source](patches): Remove glibc-CVE-2017-15670-15671.patch.
>> ---
>>  gnu/packages/base.scm | 17 ++++++++++++-----
>>  1 file changed, 12 insertions(+), 5 deletions(-)
>>
>> diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
>> index a6663c5cf..20d5fa72b 100644
>> --- a/gnu/packages/base.scm
>> +++ b/gnu/packages/base.scm
>> @@ -515,14 +515,22 @@ store.")
>>  (define-public glibc/linux
>>    (package
>>     (name "glibc")
>> -   (version "2.26")
>> +   ;; Glibc has stable branches that continuously pick fixes for each supported
>> +   ;; release.  Unfortunately they do not do point-releases, so we are stuck
>> +   ;; with copying almost all patches, or use a snapshot of the release branch.
>> +   ;;
>> +   ;; This version number corresponds to the output of `git describe` and the
>> +   ;; archive can be generated by checking out the commit ID and run:
>> +   ;; git archive --prefix=$(git describe)/ HEAD | xz -9 > $(git describe).tar.xz
>> +   ;; See <https://bugs.gnu.org/29406> for details.
>> +   (version "2.26-91-gaaa2eb83b8")
>>     (source (origin
>>              (method url-fetch)
>> -            (uri (string-append "mirror://gnu/glibc/glibc-"
>> -                                version ".tar.xz"))
>> +            (uri (string-append "https://alpha.gnu.org/gnu/guix/mirror/"
>> +                                "glibc-" version ".tar.xz"))
>>              (sha256
>>               (base32
>> -              "1ggnj1hzjym7sn93rbwydcqd562q73lsb7g7kd199g6j9j9hlkp5"))
>> +              "0867nxcv3n48iq3b5f1hca7cyx8pzjva67rxyslf9l595xd934kx"))
>
> I’ve built the tarball locally with the command above but the hash I get is:
>
>   1zwz6d0x3ndd0hgqp17fx71miyjvn4dgkl1nzhaz3mbcqxzrprhk

Gah.  I used "xz --threads=0" initially and didn't expect it to change
the outcome.

I can reproduce the above hash by running the same command:

$ git archive --prefix=$(git describe)/ HEAD | xz -9 > $(git describe)-nothreads.tar.xz
$ guix hash glibc-2.26-91-gaaa2eb83b8-nothreads.tar.xz
1zwz6d0x3ndd0hgqp17fx71miyjvn4dgkl1nzhaz3mbcqxzrprhk 

Let's stick with the "nothreads" variant for compatibility.

[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 7 years and 235 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.