GNU bug report logs - #30180
[PATCH] gnu: libsndfile: Fix CVE-2017-12562.

Previous Next

Package: guix-patches;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Sat, 20 Jan 2018 02:11:01 UTC

Severity: normal

Tags: patch

Done: Leo Famulari <leo <at> famulari.name>

Bug is archived. No further changes may be made.

Full log

Message #8 received at 30180 <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: Leo Famulari <leo <at> famulari.name>
Cc: 30180 <at> debbugs.gnu.org
Subject: Re: [bug#30180] [PATCH] gnu: libsndfile: Fix CVE-2017-12562.
Date: Tue, 23 Jan 2018 10:20:26 +0100

Leo Famulari <leo <at> famulari.name> skribis:

> I'd like to ungraft this on core-updates, even though it's late in the
> core-updates cycle. Changing libsndfile requires only ~600 rebuilds per
> architecture.
>
> * gnu/packages/patches/libsndfile-CVE-2017-12562.patch: New file.
> * gnu/local.mk (dist_patch_DATA): Add it.
> * gnu/packages/pulseaudio.scm (libsndfile)[replacement]: New field.
> (libsndfile/fixed): New variable.

The patch LGTM!

As for ungrafting, I’ll let you judge.  I would really like to merge
that branch soon, but I haven’t checked in status over the last couple
of days.

Thanks you,
Ludo’.

This bug report was last modified 7 years and 124 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #30180 [PATCH] gnu: libsndfile: Fix CVE-2017-12562.

GNU bug report logs - #30180
[PATCH] gnu: libsndfile: Fix CVE-2017-12562.