GNU bug report logs -
#29406
[PATCH core-updates]: Add selected upstream fixes for glibc 2.26.
Previous Next
Reported by: Marius Bakke <mbakke <at> fastmail.com>
Date: Wed, 22 Nov 2017 21:30:02 UTC
Severity: normal
Tags: patch
Done: ludo <at> gnu.org (Ludovic Courtès)
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Ludovic Courtès <ludo <at> gnu.org> writes:
> Hi,
>
> Marius Bakke <mbakke <at> fastmail.com> skribis:
>
>> From a5b022a355a0babdc4809f39f94b6662ea7789d1 Mon Sep 17 00:00:00 2001
>> From: Marius Bakke <mbakke <at> fastmail.com>
>> Date: Sat, 25 Nov 2017 19:17:28 +0100
>> Subject: [PATCH] gnu: glibc: Update to 2.26-91-gaaa2eb83b8.
>>
>> * gnu/packages/base.scm (glibc/linux): Update to 2.26-91-gaaa2eb83b8.
>> [source](uri): Download from alpha.gnu.org.
>> [source](patches): Remove glibc-CVE-2017-15670-15671.patch.
>> ---
>> gnu/packages/base.scm | 17 ++++++++++++-----
>> 1 file changed, 12 insertions(+), 5 deletions(-)
>>
>> diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
>> index a6663c5cf..20d5fa72b 100644
>> --- a/gnu/packages/base.scm
>> +++ b/gnu/packages/base.scm
>> @@ -515,14 +515,22 @@ store.")
>> (define-public glibc/linux
>> (package
>> (name "glibc")
>> - (version "2.26")
>> + ;; Glibc has stable branches that continuously pick fixes for each supported
>> + ;; release. Unfortunately they do not do point-releases, so we are stuck
>> + ;; with copying almost all patches, or use a snapshot of the release branch.
>> + ;;
>> + ;; This version number corresponds to the output of `git describe` and the
>> + ;; archive can be generated by checking out the commit ID and run:
>> + ;; git archive --prefix=$(git describe)/ HEAD | xz -9 > $(git describe).tar.xz
>> + ;; See <https://bugs.gnu.org/29406> for details.
>> + (version "2.26-91-gaaa2eb83b8")
>> (source (origin
>> (method url-fetch)
>> - (uri (string-append "mirror://gnu/glibc/glibc-"
>> - version ".tar.xz"))
>> + (uri (string-append "https://alpha.gnu.org/gnu/guix/mirror/"
>> + "glibc-" version ".tar.xz"))
>> (sha256
>> (base32
>> - "1ggnj1hzjym7sn93rbwydcqd562q73lsb7g7kd199g6j9j9hlkp5"))
>> + "0867nxcv3n48iq3b5f1hca7cyx8pzjva67rxyslf9l595xd934kx"))
>
> I’ve built the tarball locally with the command above but the hash I get is:
>
> 1zwz6d0x3ndd0hgqp17fx71miyjvn4dgkl1nzhaz3mbcqxzrprhk
Gah. I used "xz --threads=0" initially and didn't expect it to change
the outcome.
I can reproduce the above hash by running the same command:
$ git archive --prefix=$(git describe)/ HEAD | xz -9 > $(git describe)-nothreads.tar.xz
$ guix hash glibc-2.26-91-gaaa2eb83b8-nothreads.tar.xz
1zwz6d0x3ndd0hgqp17fx71miyjvn4dgkl1nzhaz3mbcqxzrprhk
Let's stick with the "nothreads" variant for compatibility.
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 7 years and 235 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.