GNU bug report logs - #31444
'guix health': a tool to report vulnerable packages

Previous Next

Package: guix-patches;

Reported by: ludo <at> gnu.org (Ludovic Courtès)

Date: Sun, 13 May 2018 22:43:02 UTC

Severity: normal

Tags: patch

Merged with 31442, 31443

Full log

View this message in rfc822 format

From: Martin Castillo <castilma <at> uni-bremen.de>
To: 31444 <at> debbugs.gnu.org
Subject: [bug#31444] 'guix health': a tool to report vulnerable packages
Date: Mon, 14 May 2018 10:06:46 +0200

[Message part 1 (text/plain, inline)]

On 14.05.2018 00:15, Ludovic Courtès wrote:
> [...] shadow <at> 4.6 is available and fixes CVE-2018-7169, consider ugprading
                                                                  ^typo

> Should we satisfy ourselves with the current approach in the meantime?

Release early and often would say yes. But I'm not an experienced developer.

I have the feeling that guix lint does not cache the CVEs it fetches. I
think it should.

-- 
GPG: 7FDE 7190 2F73 2C50 236E  403D CC13 48F1 E644 08EC

[signature.asc (application/pgp-signature, attachment)]

This bug report was last modified 1 year and 273 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #31444 'guix health': a tool to report vulnerable packages

GNU bug report logs - #31444
'guix health': a tool to report vulnerable packages