From unknown Sat Jun 21 03:17:22 2025
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Mailer: MIME-tools 5.509 (Entity 5.509)
Content-Type: text/plain; charset=utf-8
From: bug#47144 <47144@debbugs.gnu.org>
To: bug#47144 <47144@debbugs.gnu.org>
Subject: Status: security patching of 'patch' package
Reply-To: bug#47144 <47144@debbugs.gnu.org>
Date: Sat, 21 Jun 2025 10:17:22 +0000

retitle 47144 security patching of 'patch' package
reassign 47144 guix
submitter 47144 Mark H Weaver <mhw@netris.org>
severity 47144 normal
tag 47144 security

thanks


From debbugs-submit-bounces@debbugs.gnu.org Sun Mar 14 17:39:01 2021
Received: (at submit) by debbugs.gnu.org; 14 Mar 2021 21:39:01 +0000
Received: from localhost ([127.0.0.1]:34341 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1lLYRx-00032M-Bf
	for submit@debbugs.gnu.org; Sun, 14 Mar 2021 17:39:01 -0400
Received: from lists.gnu.org ([209.51.188.17]:35168)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <mhw@netris.org>) id 1lLYRv-00032F-Ty
 for submit@debbugs.gnu.org; Sun, 14 Mar 2021 17:39:00 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:55932)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mhw@netris.org>) id 1lLYRv-0003hB-LP
 for bug-guix@gnu.org; Sun, 14 Mar 2021 17:38:59 -0400
Received: from world.peace.net ([64.112.178.59]:55722)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mhw@netris.org>) id 1lLYRs-0004M3-QH
 for bug-guix@gnu.org; Sun, 14 Mar 2021 17:38:59 -0400
Received: from mhw by world.peace.net with esmtpsa
 (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92)
 (envelope-from <mhw@netris.org>)
 id 1lLYRr-0001IX-1C; Sun, 14 Mar 2021 17:38:55 -0400
From: Mark H Weaver <mhw@netris.org>
To: bug-guix@gnu.org
Subject: security patching of 'patch' package
References: <6d01d537754ce50b10035903d8e7d205699c4b39.camel@zaclys.net>
Date: Sun, 14 Mar 2021 17:37:25 -0400
Message-ID: <877dm9s9fz.fsf@netris.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Received-SPF: pass client-ip=64.112.178.59; envelope-from=mhw@netris.org;
 helo=world.peace.net
X-Spam_score_int: -18
X-Spam_score: -1.9
X-Spam_bar: -
X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: -1.3 (-)
X-Debbugs-Envelope-To: submit
Cc: =?utf-8?Q?L=C3=A9o?= Le Bouter <lle-bout@zaclys.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -2.3 (--)

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

I'm forwarding this to bug-guix@gnu.org so that it won't be forgotten.

       Mark

-------------------- Start of forwarded message --------------------
Subject: security patching of 'patch' package
From: L=C3=A9o Le Bouter <lle-bout@zaclys.net>
To: guix-devel@gnu.org
Date: Wed, 10 Mar 2021 04:14:35 +0100


--=-=-=
Content-Type: multipart/signed; boundary="==-=-="

--==-=-=
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hello!

I could find that the 'patch' package was vulnerable to numerous CVEs
that other distros like Debian have patched. Here's the list reported
by 'guix lint -c cve patch':

patch@2.7.6: probably vulnerable to CVE-2019-13636, CVE-2019-13638,
CVE-2019-20633, CVE-2018-1000156, CVE-2018-20969, CVE-2018-6951, CVE-
2018-6952

Can I use latest commit from master to build 'patch' then graft
original package?

i.e. https://git.savannah.gnu.org/git/patch.git

There's not that many commits since last release, but lots of time:=20
https://git.savannah.gnu.org/cgit/patch.git/log/

Thank you,
L=C3=A9o

--==-=-=
Content-Type: application/pgp-signature; name=signature.asc
Content-Transfer-Encoding: base64
Content-Description: This is a digitally signed message part

LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KCmlRSXpCQUFCQ2dBZEZpRUVGSXZMaTlnTCt4
YXgzZzZSUmFpeDZHdk5FS1lGQW1CSU9ac0FDZ2tRUmFpeDZHdk4KRUtZVktoQUFtUWJTMHE2eGdt
b0M1RW8rVDRxWWlMcmc2RWZVTWljWU85STFMQkRGR2ZwODVYSU1qcUF0SWtpRAoyQjFYSkx6WFk3
eFpoZWlLQllManBwdXE1WEhYR01RODBKWmkwbFFFdW9NaDArMURUY3Z2STBVZ3R5ZGp4dmFzCkM5
RFRsaE5URnhtMzY4VzdxeFlSMkp0dHNVc3R5d2VWejI3RFBZOU82MlFSVW55SFJzSnZRWExTSS9D
SFdYRkkKM0RpWHpqakJYb3dzQ3U5YWY2OWZJekJDQlE2QjBRdmtucnlIbml4MUFlVm5TZnUvMFNN
N0JpbXk1QUtPbmprTgpjam5IUXI1TWMrRklWZE91L3B6Z05vVm13Y3pWaHl1L0E4blJlWUlpZVBH
VE1hK0NwdUVyL1ZyZXhxYzNucGNYCmpZem80UCtkL1BSZEFMR2dkT2xHTURkbEFyM1pWSGhTOVA1
YWdRZTlRM1llSlZWU1p6d0g2VHpGVCswS3JFTnkKMkhvTSt6S05CRThxVkxNdURIOUFhWjdYclp5
SkpEb211RG05MjdvamFTblMwc3EwbmJ6ekxXa1NOR25MK2hYago1TkZDbS9RQ2xHeVNjOURNdVpX
Yzc2bnhuMDJCVHlraUtYQzAzUC9HZk1KM0I5N0xldjUxaDVvRWk0VGxLc1JoCmpsTXdKQmFZcDho
NkZQNkVESkxjOGFoYUlLTjhhb29xdXV0Rk9VWG4rSUdCbVlZMXVYVE8wVjBVSnFWejEzMUoKR2Rt
SDRTblZxV3RDYmlLQ1ZMU2d1QXRoUzZFd1NxMEVBekVhZVVWbWkxOFlBKytnT3A2TitGUVNtanBS
a1J3WApqVnd0VG16WW9ML3lLeDI4Q29QYXBGSzdwYTNla0IwVzQzbnc0L0ViNjhxcGJ2bHBYeEk9
Cj1jRVNQCi0tLS0tRU5EIFBHUCBTSUdOQVRVUkUtLS0tLQo=
--==-=-=--

--=-=-=
Content-Type: text/plain

-------------------- End of forwarded message --------------------

--=-=-=--




From debbugs-submit-bounces@debbugs.gnu.org Mon Mar 15 09:43:05 2021
Received: (at control) by debbugs.gnu.org; 15 Mar 2021 13:43:05 +0000
Received: from localhost ([127.0.0.1]:35086 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1lLnUu-0007Cf-Nm
	for submit@debbugs.gnu.org; Mon, 15 Mar 2021 09:43:04 -0400
Received: from eggs.gnu.org ([209.51.188.92]:51318)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1lLnUt-0007C9-EX
 for control@debbugs.gnu.org; Mon, 15 Mar 2021 09:43:03 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:40709)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <ludo@gnu.org>) id 1lLnUo-00052l-7M
 for control@debbugs.gnu.org; Mon, 15 Mar 2021 09:42:58 -0400
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=45744 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <ludo@gnu.org>) id 1lLnUf-00012K-IR
 for control@debbugs.gnu.org; Mon, 15 Mar 2021 09:42:56 -0400
Date: Mon, 15 Mar 2021 14:42:47 +0100
Message-Id: <87r1kgh6so.fsf@gnu.org>
To: control@debbugs.gnu.org
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
Subject: control message for bug #47144
MIME-version: 1.0
Content-type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: control
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.7 (-)

tags 47144 + security
quit





From debbugs-submit-bounces@debbugs.gnu.org Mon Mar 15 14:26:18 2021
Received: (at 47144) by debbugs.gnu.org; 15 Mar 2021 18:26:18 +0000
Received: from localhost ([127.0.0.1]:37073 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1lLruz-0005Ma-SK
	for submit@debbugs.gnu.org; Mon, 15 Mar 2021 14:26:18 -0400
Received: from mail.zaclys.net ([178.33.93.72]:34011)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <lle-bout@zaclys.net>) id 1lLrux-0005MH-Jz
 for 47144@debbugs.gnu.org; Mon, 15 Mar 2021 14:26:16 -0400
Received: from localhost.localdomain (82-64-145-38.subs.proxad.net
 [82.64.145.38]) (authenticated bits=0)
 by mail.zaclys.net (8.14.7/8.14.7) with ESMTP id 12FIQ9uP017842
 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO);
 Mon, 15 Mar 2021 19:26:09 +0100
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.zaclys.net 12FIQ9uP017842
Authentication-Results: mail.zaclys.net;
 dmarc=fail (p=reject dis=none) header.from=zaclys.net
Authentication-Results: mail.zaclys.net;
 spf=fail smtp.mailfrom=lle-bout@zaclys.net
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zaclys.net;
 s=default; t=1615832769;
 bh=HcHkofLUZrmqY5CXOL5IV/gAUnyOzi8trgG+S8w2yUA=;
 h=From:To:Cc:Subject:Date:From;
 b=Vd47DqdgMcwFzNL0ce6q2wNE6rl5lFkffDcb/ZuHFzjWO4ED/OLeo+nNKTTm2+KRH
 /1yiJ2UWMmPFfDXoavEQEmbGo+ssqvn+KO77FDOaNZM1vqXMUElze3x1rWCPYCtWFQ
 8P0DdxjYZE9APJJMcGTZyb7b9LsxPly9Va4xlHWg=
From: =?UTF-8?q?L=C3=A9o=20Le=20Bouter?= <lle-bout@zaclys.net>
To: 47144@debbugs.gnu.org
Subject: [PATCH 0/1] gnu: patch: Update to 2.7.6-7623b2d [security fixes].
Date: Mon, 15 Mar 2021 19:26:04 +0100
Message-Id: <20210315182605.25973-1-lle-bout@zaclys.net>
X-Mailer: git-send-email 2.30.2
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: =?UTF-8?q?L=C3=A9o=20Le=20Bouter?= <lle-bout@zaclys.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

I tried something, using patch git repo's master instead of release tarballs, I
am not sure the git repo contains all the fixes, we could alternatively just
pull patches from Debian.

This attempt does not work yet however, it fails on some gnulib source file not
being found for some reason:

gcc: error: parse-datetime.c: No such file or directory
gcc: fatal error: no input files
compilation terminated.

This file seems to be generated by YACC from earlier log.

Léo Le Bouter (1):
  gnu: patch: Update to 2.7.6-7623b2d [security fixes].

 gnu/packages/base.scm | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

-- 
2.30.2





From debbugs-submit-bounces@debbugs.gnu.org Mon Mar 15 14:26:18 2021
Received: (at 47144) by debbugs.gnu.org; 15 Mar 2021 18:26:18 +0000
Received: from localhost ([127.0.0.1]:37075 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1lLrv0-0005Mc-2l
	for submit@debbugs.gnu.org; Mon, 15 Mar 2021 14:26:18 -0400
Received: from mail.zaclys.net ([178.33.93.72]:42759)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <lle-bout@zaclys.net>) id 1lLruy-0005MJ-8u
 for 47144@debbugs.gnu.org; Mon, 15 Mar 2021 14:26:16 -0400
Received: from localhost.localdomain (82-64-145-38.subs.proxad.net
 [82.64.145.38]) (authenticated bits=0)
 by mail.zaclys.net (8.14.7/8.14.7) with ESMTP id 12FIQ9uQ017842
 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO);
 Mon, 15 Mar 2021 19:26:10 +0100
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.zaclys.net 12FIQ9uQ017842
Authentication-Results: mail.zaclys.net;
 dmarc=fail (p=reject dis=none) header.from=zaclys.net
Authentication-Results: mail.zaclys.net;
 spf=fail smtp.mailfrom=lle-bout@zaclys.net
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zaclys.net;
 s=default; t=1615832770;
 bh=QOj4BRk+AUscpF6wkwcItIWRc1DvhgcWiycVrsvjFbU=;
 h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
 b=btERzpNO+RejlLr9L+6LDF6ta2SobDhLoilOfaBxVAvql5R1Ow7jXRWvbyhMRREP4
 Z/NHz9RTvii7HO6keHPsm1mFl7PE7b2SvQ6evYxv7Dq24itQDpP0tDbvQOZVj6RB1Y
 ZDOSvsUdsth8/UvoYtaAbmmmJQeyrf4u60O1kCLM=
From: =?UTF-8?q?L=C3=A9o=20Le=20Bouter?= <lle-bout@zaclys.net>
To: 47144@debbugs.gnu.org
Subject: [PATCH 1/1] gnu: patch: Update to 2.7.6-7623b2d [security fixes].
Date: Mon, 15 Mar 2021 19:26:05 +0100
Message-Id: <20210315182605.25973-2-lle-bout@zaclys.net>
X-Mailer: git-send-email 2.30.2
In-Reply-To: <20210315182605.25973-1-lle-bout@zaclys.net>
References: <20210315182605.25973-1-lle-bout@zaclys.net>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: =?UTF-8?q?L=C3=A9o=20Le=20Bouter?= <lle-bout@zaclys.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

* gnu/packages/base.scm (patch/fixed): New variable.
(patch)[replacement]: Graft.
---
 gnu/packages/base.scm | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index 9aa69cfe77..a71b47ac4f 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -46,12 +46,14 @@
   #:use-module (gnu packages compression)
   #:use-module (gnu packages perl)
   #:use-module (gnu packages linux)
+  #:use-module (gnu packages autotools)
   #:use-module (gnu packages pcre)
   #:use-module (gnu packages texinfo)
   #:use-module (gnu packages hurd)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
   #:use-module (gnu packages gettext)
+  #:use-module (gnu packages version-control)
   #:use-module (guix i18n)
   #:use-module (guix utils)
   #:use-module (guix packages)
@@ -228,6 +230,7 @@ standard utility.")
                (base32
                 "1zfqy4rdcy279vwn2z1kbv19dcfw25d2aqy9nzvdkq5bjzd0nqdc"))
               (patches (search-patches "patch-hurd-path-max.patch"))))
+   (replacement patch/fixed)
    (build-system gnu-build-system)
    (arguments
     ;; Work around a cross-compilation bug whereby libpatch.a would provide
@@ -246,6 +249,42 @@ differences.")
    (license gpl3+)
    (home-page "https://savannah.gnu.org/projects/patch/")))
 
+(define patch/fixed
+  (let ((commit "7623b2dc0d1837ecfd58f32efc78e35834deeb38"))
+    (package/inherit patch
+      (name "patch")
+      (version "2.7.6")
+      ;; (version (string-append "2.7.6-" (string-take commit 7)))
+      (source
+       (origin
+         (method git-fetch)
+         (uri (git-reference
+               (url "https://git.savannah.gnu.org/git/patch.git")
+               (commit commit)
+               (recursive? #t)))
+         (file-name (git-file-name name version))
+         (sha256
+          (base32
+           "0k3i95gkbi21lipadlg1zd03d928b65x322q08xgdg461vnw2i6h"))
+         (patches (search-patches "patch-hurd-path-max.patch"))))
+      (arguments
+       (substitute-keyword-arguments (package-arguments patch)
+         ((#:phases phases '%standard-phases)
+           `(modify-phases ,phases
+             (replace 'bootstrap
+               (lambda* (#:key inputs #:allow-other-keys)
+                 (substitute* (list "gnulib/gnulib-tool"
+                                    "gnulib/build-aux/git-version-gen")
+                   (("/bin/sh") (which "sh")))
+                 (invoke "bash" "bootstrap" "--no-git"
+                         "--gnulib-srcdir=gnulib")
+                 #t))))))
+      (native-inputs
+       `(("autoconf" ,autoconf)
+         ("automake" ,automake)
+         ("git" ,git-minimal)
+         ,@(package-native-inputs patch))))))
+
 (define-public diffutils
   (package
    (name "diffutils")
-- 
2.30.2





From debbugs-submit-bounces@debbugs.gnu.org Thu Mar 18 17:59:05 2021
Received: (at submit) by debbugs.gnu.org; 18 Mar 2021 21:59:05 +0000
Received: from localhost ([127.0.0.1]:48242 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1lN0fY-0002aR-Q0
	for submit@debbugs.gnu.org; Thu, 18 Mar 2021 17:59:05 -0400
Received: from lists.gnu.org ([209.51.188.17]:54790)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1lN0fX-0002aK-Cf
 for submit@debbugs.gnu.org; Thu, 18 Mar 2021 17:59:03 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:41964)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@gnu.org>) id 1lN0fX-0004eQ-3o
 for bug-guix@gnu.org; Thu, 18 Mar 2021 17:59:03 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:37274)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <ludo@gnu.org>)
 id 1lN0fW-0002h6-8b; Thu, 18 Mar 2021 17:59:02 -0400
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=56064 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <ludo@gnu.org>)
 id 1lN0fT-0003in-Dy; Thu, 18 Mar 2021 17:59:00 -0400
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
To: =?utf-8?Q?L=C3=A9o?= Le Bouter via Bug reports for GNU Guix
 <bug-guix@gnu.org>
Subject: Re: bug#47144: [PATCH 1/1] gnu: patch: Update to 2.7.6-7623b2d
 [security fixes].
References: <20210315182605.25973-1-lle-bout@zaclys.net>
 <20210315182605.25973-2-lle-bout@zaclys.net>
X-URL: http://www.fdn.fr/~lcourtes/
X-Revolutionary-Date: 28 =?utf-8?Q?Vent=C3=B4se?= an 229 de la =?utf-8?Q?R?=
 =?utf-8?Q?=C3=A9volution?=
X-PGP-Key-ID: 0x090B11993D9AEBB5
X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc
X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
X-OS: x86_64-pc-linux-gnu
Date: Thu, 18 Mar 2021 22:58:56 +0100
In-Reply-To: <20210315182605.25973-2-lle-bout@zaclys.net> (=?utf-8?Q?=22L?=
 =?utf-8?Q?=C3=A9o?= Le Bouter via
 Bug reports for GNU Guix"'s message of "Mon, 15 Mar 2021 19:26:05
 +0100")
Message-ID: <87lfakjf8f.fsf@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: submit
Cc: =?utf-8?Q?L=C3=A9o?= Le Bouter <lle-bout@zaclys.net>, 47144@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Hi,

L=C3=A9o Le Bouter via Bug reports for GNU Guix <bug-guix@gnu.org> skribis:

> * gnu/packages/base.scm (patch/fixed): New variable.
> (patch)[replacement]: Graft.

It=E2=80=99s (almost) useless to provide a graft of =E2=80=98patch=E2=80=99=
 because patch is
usually a build-time only dependency.  (Maybe we can tell it=E2=80=99s not
vulnerable to the issues at hand because in that context it=E2=80=99s always
given controlled input: the package patches.)

What could be useful is to provide a second version of patch so that
people running =E2=80=98guix install patch=E2=80=99 or similar get the newe=
r version.

HTH,
Ludo=E2=80=99.




From debbugs-submit-bounces@debbugs.gnu.org Wed Mar 24 00:06:33 2021
Received: (at control) by debbugs.gnu.org; 24 Mar 2021 04:06:33 +0000
Received: from localhost ([127.0.0.1]:33694 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1lOumu-0005lF-Sj
	for submit@debbugs.gnu.org; Wed, 24 Mar 2021 00:06:33 -0400
Received: from out1-smtp.messagingengine.com ([66.111.4.25]:54559)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@famulari.name>) id 1lOumu-0005l0-0L
 for control@debbugs.gnu.org; Wed, 24 Mar 2021 00:06:32 -0400
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
 by mailout.nyi.internal (Postfix) with ESMTP id 00DAB5C00A6;
 Wed, 24 Mar 2021 00:06:27 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
 by compute3.internal (MEProxy); Wed, 24 Mar 2021 00:06:27 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=date:from:to:message-id:mime-version:content-type; s=mesmtp;
 bh=cUzHWhlGR3wC+bHCNkVYv1pLnZKlAmeM2w5IIOGJO/Q=; b=hYoywwDcb45H
 +FnMoujfkLjlL2O862lHA5gu19YnLcGkyedy4g2r+8zkuxkV/0wCDl3ZYARsyaoQ
 gncttRvwfOB0FMOE2wn2BZGKsMDDR2NHFRvDuLmgLVE9W73e+f1eYRNLEHxLS4t2
 q5jQWE6lWCJQQtJYSFhL1sFjiC5+NHU=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=content-type:date:from:message-id
 :mime-version:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender
 :x-sasl-enc; s=fm2; bh=cUzHWhlGR3wC+bHCNkVYv1pLnZKlAmeM2w5IIOGJO
 /Q=; b=oBY0abGUV0V94XVxdUGYaDcNx44jbdINXGMiVoENwErL1yEyiGyJbPQDK
 KgbgNvQpHxuXtUvKddIOXBy+bW7zjdDZ6pCHF1UvgbbVyy7zARHXbgQJjqfnkoCp
 ZyzdR6eTojVI18aQnLJahMvztuvcnJvvpZ3JTPK5cXLzOGKf87Wa1h8WokpQfozP
 1NG4H8Sc6HYjzRVTP+1Q0xA/mhIJKoETs8nKC9USahQ11JAQbaqB1Cpn6Y8s9xG7
 U/fZIKBTlgGmSup44lnPYSzJwJd7bhKfPY19kMaWM7TtSioka1WU9C9wWYCuy6Z+
 nmVqk+OOVCF+IbVpUS0FVk6RCNd4Q==
X-ME-Sender: <xms:wrpaYI2TQhPhqkd8M4wRh-EXFqOLsJG09o_LC8m_vKGAt_qjZ3SR8Q>
 <xme:wrpaYDGd25ewn6f51GNC6Er43JdFw3ebn9ANwFUgVC5uajwmZBqy5yBY8_8Oz3MCL
 mh4DIzjSwsoFboaMw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrudegjedgieejucetufdoteggodetrfdotf
 fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
 uceurghilhhouhhtmecufedttdenucfgmhhpthihuchsuhgsjhgvtghtucdluddtmdenuc
 fjughrpeffhffvkfggtggusehttdertddttddvnecuhfhrohhmpefnvghoucfhrghmuhhl
 rghrihcuoehlvghosehfrghmuhhlrghrihdrnhgrmhgvqeenucggtffrrghtthgvrhhnpe
 fhjeeigfefvedvfeetheegledtkeevuddtgedtudeiteehteegvdefffduffefffenucfk
 phepuddttddruddurdduieelrdduudeknecuvehluhhsthgvrhfuihiivgeptdenucfrrg
 hrrghmpehmrghilhhfrhhomheplhgvohesfhgrmhhulhgrrhhirdhnrghmvg
X-ME-Proxy: <xmx:wrpaYA5MSFZy4M_M6fQcw-zX2m2a-SApeKKm3wMnBkAU6eoCz5MR3g>
 <xmx:wrpaYB1i6DZoRlJoAukHpKnHyfJmy_aidd7fDS7cf80v-FmcXfMcFA>
 <xmx:wrpaYLGYF_6RkEB7FuzkHXUW9NQnCkCFGBVcK9TRlIgptLq8H1E8fQ>
 <xmx:wrpaYPQC60dqI7leSwvgwV39W0YoLAmFCVNUJxV6VPfdpBc8ulTmBA>
Received: from localhost (pool-100-11-169-118.phlapa.fios.verizon.net
 [100.11.169.118])
 by mail.messagingengine.com (Postfix) with ESMTPA id C6F7224041D
 for <control@debbugs.gnu.org>; Wed, 24 Mar 2021 00:06:26 -0400 (EDT)
Date: Wed, 24 Mar 2021 00:06:25 -0400
From: Leo Famulari <leo@famulari.name>
To: control@debbugs.gnu.org
Message-ID: <YFq6wUqi070//Gk+@jasmine.lan>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Spam-Score: 2.3 (++)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview:  block 47297 with 47140 block 47297 with 47141 block 47297
 with 47142 block 47297 with 47143 block 47297 with 47144 
 Content analysis details:   (2.3 points, 10.0 required)
 pts rule name              description
 ---- ---------------------- --------------------------------------------------
 0.0 RCVD_IN_MSPIKE_H3      RBL: Good reputation (+3)
 [66.111.4.25 listed in wl.mailspike.net]
 -0.7 RCVD_IN_DNSWL_LOW      RBL: Sender listed at https://www.dnswl.org/,
 low trust [66.111.4.25 listed in list.dnswl.org]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 -0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
 0.0 RCVD_IN_MSPIKE_WL      Mailspike good senders
 1.8 MISSING_SUBJECT        Missing Subject: header
 0.2 NO_SUBJECT             Extra score for no subject
 1.0 BODY_EMPTY             No body text in message
X-Debbugs-Envelope-To: control
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 1.3 (+)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 
 Content preview:  block 47297 with 47140 block 47297 with 47141 block 47297
   with 47142 block 47297 with 47143 block 47297 with 47144 
 
 Content analysis details:   (1.3 points, 10.0 required)
 
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  0.0 RCVD_IN_MSPIKE_H3      RBL: Good reputation (+3)
                             [66.111.4.25 listed in wl.mailspike.net]
 -0.7 RCVD_IN_DNSWL_LOW      RBL: Sender listed at https://www.dnswl.org/,
                             low trust
                             [66.111.4.25 listed in list.dnswl.org]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 -0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
  0.0 RCVD_IN_MSPIKE_WL      Mailspike good senders
 -1.0 MAILING_LIST_MULTI     Multiple indicators imply a widely-seen list
                             manager
  1.8 MISSING_SUBJECT        Missing Subject: header
  0.2 NO_SUBJECT             Extra score for no subject
  1.0 BODY_EMPTY             No body text in message

block 47297 with 47140
block 47297 with 47141
block 47297 with 47142
block 47297 with 47143
block 47297 with 47144




From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 14 17:54:42 2021
Received: (at 47144) by debbugs.gnu.org; 14 Apr 2021 21:54:42 +0000
Received: from localhost ([127.0.0.1]:35963 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1lWnT8-000293-Fw
	for submit@debbugs.gnu.org; Wed, 14 Apr 2021 17:54:42 -0400
Received: from out2-smtp.messagingengine.com ([66.111.4.26]:41109)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@famulari.name>) id 1lWnT6-00028n-0R
 for 47144@debbugs.gnu.org; Wed, 14 Apr 2021 17:54:41 -0400
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
 by mailout.nyi.internal (Postfix) with ESMTP id 777C15C009E;
 Wed, 14 Apr 2021 17:54:34 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
 by compute3.internal (MEProxy); Wed, 14 Apr 2021 17:54:34 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=date:from:to:cc:subject:message-id:references:mime-version
 :content-type:in-reply-to; s=mesmtp; bh=6f4axvg7upunPgsTJ1Ddy9PM
 rWm1KoqNYks/tTWjmZA=; b=O9gN0ex6+5NJza+gZcX32ZJwR3QmRmRoBfF71Y99
 NWB0uXDZ42+qE5jtzRdhtWJWPNNxKEgvyyO/UETM4l1b5LXLYyqpCWQQupQZ4VVh
 JlvJlEtnFurRt/zAtMLNoJZRcHDLzk/KKbqCqCn1YKGh5EUE/b714DjhqPI0FSCA
 bzw=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=6f4axv
 g7upunPgsTJ1Ddy9PMrWm1KoqNYks/tTWjmZA=; b=m1v9ttJQPDsD2dElU0bL3Z
 +I5cwlsFR3gS/+sERLqN3U0csgeEMLGQ6XMRV9JSpVseT4jbDwufxJayBD1JapLO
 IFAf1bsmorVwCo14rMerJf6l7915bqUaNh4PI6X691k0mEOTAORjM7gDmMqEniW1
 7cHtj9qDAwkuXUmmNLIsq5dzkAT0WKAU1By3IwpZMLu/SCnc/rKRGIKM69Ur8Mx5
 QjmGQkLepp3UNckYYrgSrZU/zgfybPZe773ieaA12uSF5RS20lNMjszpCAYihiFv
 +1t5jGcwlqZFHKVUWMIlwMOOoCpSDTRwsd6vClELOEeoUyXJZdoK5WIhzjaEx1UA
 ==
X-ME-Sender: <xms:mmR3YBE07usNUmTqky1yvKCEnYZRc4Qda1SU_TbeqCHxR5C73AAjtQ>
 <xme:mmR3YGWN1Xx35K8rx4oxZZ1_Ceq_BambLALDZEre4DaTezbSHUPLL4X4bPyjkTH-c
 pOkCi5-OJvRBA3isw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrudelvddgtddvucetufdoteggodetrfdotf
 fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
 uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkfhggtggujgesthdtre
 dttddtvdenucfhrhhomhepnfgvohcuhfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgr
 rhhirdhnrghmvgeqnecuggftrfgrthhtvghrnhepueekkedtffdvtddugeejgedtvefhue
 efiedvjeeitdeigedtveejvdejheffvefgnecukfhppedutddtrdduuddrudeiledruddu
 keenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehlvg
 hosehfrghmuhhlrghrihdrnhgrmhgv
X-ME-Proxy: <xmx:mmR3YDJKcup8Nf3jCj53wwClYEWDb7FxCgtVbqi8uyJuHQE9ItYgRw>
 <xmx:mmR3YHHvTYjgobOBdT5aTVdBz3IhHjPthTlNK9lEzXrilacULMxXYg>
 <xmx:mmR3YHU9vgQu-jukaVqjbBx68zJG44VDTsYLdnhSoLnLB_9IkRhvrg>
 <xmx:mmR3YOAntlShncIj6kRt8I-VnCxZ7wFl6tYwtQ44NkqGzhfFqXXjwQ>
Received: from localhost (pool-100-11-169-118.phlapa.fios.verizon.net
 [100.11.169.118])
 by mail.messagingengine.com (Postfix) with ESMTPA id 1A7A01080057;
 Wed, 14 Apr 2021 17:54:34 -0400 (EDT)
Date: Wed, 14 Apr 2021 17:54:28 -0400
From: Leo Famulari <leo@famulari.name>
To: Mark H Weaver <mhw@netris.org>
Subject: Re: bug#47144: security patching of 'patch' package
Message-ID: <YHdklP7565AtJ4uR@jasmine.lan>
References: <6d01d537754ce50b10035903d8e7d205699c4b39.camel@zaclys.net>
 <877dm9s9fz.fsf@netris.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <877dm9s9fz.fsf@netris.org>
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 47144
Cc: 47144@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.7 (-)

On Sun, Mar 14, 2021 at 05:37:25PM -0400, Mark H Weaver wrote:
> patch@2.7.6: probably vulnerable to CVE-2019-13636, CVE-2019-13638,
> CVE-2019-20633, CVE-2018-1000156, CVE-2018-20969, CVE-2018-6951, CVE-
> 2018-6952

I tried building a "fixed" package of patch, cherry-picking bug fix
patches from patch.git.

Unfortunately, the patches largely don't apply to the most recent
release of patch.

Since there is no release fixing these bugs, and no clear advice about
which patches to apply, I'm going to stop working on this for now.




From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 14 17:55:05 2021
Received: (at control) by debbugs.gnu.org; 14 Apr 2021 21:55:05 +0000
Received: from localhost ([127.0.0.1]:35968 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1lWnTU-0002AA-QI
	for submit@debbugs.gnu.org; Wed, 14 Apr 2021 17:55:04 -0400
Received: from out2-smtp.messagingengine.com ([66.111.4.26]:39795)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@famulari.name>) id 1lWnTT-00029U-5r
 for control@debbugs.gnu.org; Wed, 14 Apr 2021 17:55:03 -0400
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
 by mailout.nyi.internal (Postfix) with ESMTP id E94485C0108;
 Wed, 14 Apr 2021 17:54:57 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
 by compute3.internal (MEProxy); Wed, 14 Apr 2021 17:54:57 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=date:from:to:message-id:mime-version:content-type; s=mesmtp;
 bh=rDpA5dIR1inqFcXoV5biyYADV3Zsa0rSv4grVu24RlA=; b=WJCAl3wTNhat
 UylOKs3CQuh0eO2tWnOtW5DBE3X466wxLNqq5Fv8BNeviKsUoBRUQ44f+8VecZBK
 8mq7Kxldw1UZOWjWQ6wwmOTf6Yn5FbZ07Cpdf7OKqx8u+g8ua07Vn9IRHnkzmhvg
 lljR9lwJb2oFfznK5LsIx36UcJg/apk=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=content-type:date:from:message-id
 :mime-version:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender
 :x-sasl-enc; s=fm2; bh=rDpA5dIR1inqFcXoV5biyYADV3Zsa0rSv4grVu24R
 lA=; b=izAiJ2OtTtz7LWQ8W5pdfIdjo5N0+OUhqupjyqTsfGTvzHYKTrvYMej5Y
 f/ZIMdcsod6tBM9eoVdb+8GsdRu60uBCqeN39PCnHsyLh/v1EJbWFyyZiROdB30t
 M4SrpMehOC7VNlxqaC71x5mhLjrRjYpiigNXMYuphQhzLd88wGrK6ef7N1abp4UP
 WeR8Jdtz6ryIgoXhYZvadYyaIuv9X1PZMMTypsB33Qk8HmokrFUPvv4Ag1cN81Lu
 u31caghjZMaKAZDDzoiI2MP7RLJZhSnKA0ulmWfRuBW4k0lgIBiCcnlSufDtlz3x
 L0qlFa5V/rGIr0Rtwbg2LcFWFkwfg==
X-ME-Sender: <xms:sWR3YAnfRwv0nsAj2ujsfKKpG95sDcD9_AJ48PcpDDueDaEfjPpb9g>
 <xme:sWR3YP0oPhLrLnCkF1Rg6v1io1bI7qBppvxSe0ZLOeLA2rIHB8hTgB1zoEO9y30zO
 TAt3YcMioj-94fEZg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrudelvddgtddvucetufdoteggodetrfdotf
 fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
 uceurghilhhouhhtmecufedttdenucfgmhhpthihuchsuhgsjhgvtghtucdluddtmdenuc
 fjughrpeffhffvkfggtggusehttdortddttddvnecuhfhrohhmpefnvghoucfhrghmuhhl
 rghrihcuoehlvghosehfrghmuhhlrghrihdrnhgrmhgvqeenucggtffrrghtthgvrhhnpe
 evieeugedvheeugfetveefjefgtdfgveegvefhieetheetueeftdeifeeggfeiheenucfk
 phepuddttddruddurdduieelrdduudeknecuvehluhhsthgvrhfuihiivgeptdenucfrrg
 hrrghmpehmrghilhhfrhhomheplhgvohesfhgrmhhulhgrrhhirdhnrghmvg
X-ME-Proxy: <xmx:sWR3YOoZ58PM8zUfUsKY6yM1CJkwqo2rqKGRjFK9fRpZWBC_zHDuiw>
 <xmx:sWR3YMmwSR8HMtCx0WGc5BVo4jfb73DZppwWwJRBCQ6P3kMiLD8bsA>
 <xmx:sWR3YO2fxAo4X_9QZSeYahWJd8oMdPzZ8pt3p8jg4UzOOuqD0xOjhA>
 <xmx:sWR3YPDBZ3dPN4MKKCY612idfoa80iNSAQkC4J9wq5X6t3-SHsq7Gw>
Received: from localhost (pool-100-11-169-118.phlapa.fios.verizon.net
 [100.11.169.118])
 by mail.messagingengine.com (Postfix) with ESMTPA id BBB69108005B
 for <control@debbugs.gnu.org>; Wed, 14 Apr 2021 17:54:57 -0400 (EDT)
Date: Wed, 14 Apr 2021 17:54:56 -0400
From: Leo Famulari <leo@famulari.name>
To: control@debbugs.gnu.org
Message-ID: <YHdksDadnrKDcbUD@jasmine.lan>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Spam-Score: 1.3 (+)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview:  unblock 47297 with 47144 
 Content analysis details:   (1.3 points, 10.0 required)
 pts rule name              description
 ---- ---------------------- --------------------------------------------------
 0.0 RCVD_IN_MSPIKE_H3      RBL: Good reputation (+3)
 [66.111.4.26 listed in wl.mailspike.net]
 -0.7 RCVD_IN_DNSWL_LOW      RBL: Sender listed at https://www.dnswl.org/,
 low trust [66.111.4.26 listed in list.dnswl.org]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 -0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
 0.0 RCVD_IN_MSPIKE_WL      Mailspike good senders
 1.8 MISSING_SUBJECT        Missing Subject: header
 0.2 NO_SUBJECT             Extra score for no subject
X-Debbugs-Envelope-To: control
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.3 (/)

unblock 47297 with 47144




From debbugs-submit-bounces@debbugs.gnu.org Tue Mar 22 23:03:56 2022
Received: (at 47144) by debbugs.gnu.org; 23 Mar 2022 03:03:56 +0000
Received: from localhost ([127.0.0.1]:42330 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1nWrHv-0001SP-Ty
	for submit@debbugs.gnu.org; Tue, 22 Mar 2022 23:03:56 -0400
Received: from mail-qk1-f171.google.com ([209.85.222.171]:43983)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1nWrHu-0001SE-Hb
 for 47144@debbugs.gnu.org; Tue, 22 Mar 2022 23:03:54 -0400
Received: by mail-qk1-f171.google.com with SMTP id p25so165441qkj.10
 for <47144@debbugs.gnu.org>; Tue, 22 Mar 2022 20:03:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
 h=from:to:cc:subject:references:date:in-reply-to:message-id
 :user-agent:mime-version:content-transfer-encoding;
 bh=MBldBzLV2BM4TYQRePuhj/yxIO0lcHA0Cck0HkDoMEw=;
 b=I38PclbGwvCnF6zh+bGnVuLb5a4xhEKbf4rWm7o48mTGxYStAVoJZQUpZ8n4VWhwx6
 T1kH6CuwenfRfOBwwM2M2432XCJRdiMshEwJK5UVB9tQ6liOAWqbbV7w/i1pSUO5TEhG
 3u/Iui+IsaTT2sHu2w0LrtZWlKpFySegaQ4seCQdogFwP4q2qG412R1cxqSkLfwjTO3I
 CLAogSFnYlbUTl5e8izdmNxUoZvE8SkFnrqFtn6b5rHtCSk4WXkXhZMLxPZsd+6LK8VH
 ogy+LOei3+CGcmP1JrxoOUOOWj/N8N8mO25vqvHNm3giVk5MnZEh/8vePoymRt2nac+2
 D0fA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to
 :message-id:user-agent:mime-version:content-transfer-encoding;
 bh=MBldBzLV2BM4TYQRePuhj/yxIO0lcHA0Cck0HkDoMEw=;
 b=s3hDdVqJXoIWb5weMFXQRGp+MZJqya3DEN6UDNGn3pguURm0JFJVu153N1azDe8D+I
 U5aVNWqclrj/9LGmnPZAyRxMfVKmlNPwz7fHwXpo9aQ0Pkdx3VJpkaWNz7X/6szk7u4k
 yHh3rcsMZsp+S+Ntbgr0ggothXnBhTzkHLdCZA4m8tC1xh8hoOks5NuDuSCRqXUfKABY
 zzY+xeHsL20K+7dOo8Z5aiK1hklS8ROmYXG7algi1MgvtpcNI4zPuKO38F8pu/xsrK8f
 PD5XmDgQl3WB+rD1jfTuDZglpMGUmvxzlbMMxc8SPSA4s04qa2flZMj9skNnXbVTiCni
 FSQQ==
X-Gm-Message-State: AOAM532pSe9ETcuPIacpKpKG0VHczlTWYetW2Ql4lbt01kP35p2b2fhG
 mOASO/JzVQccA8sFvvt1JZo=
X-Google-Smtp-Source: ABdhPJz0XCrjNR+V7yKTHUitUs7g0PnNUgMZb8MH9iKeCKIfqZ8AZ3KBLKAwmOPNoJE2UxLlMuIXFA==
X-Received: by 2002:a05:620a:22f9:b0:67d:1561:f4f4 with SMTP id
 p25-20020a05620a22f900b0067d1561f4f4mr17394459qki.217.1648004629074; 
 Tue, 22 Mar 2022 20:03:49 -0700 (PDT)
Received: from hurd (dsl-10-129-199.b2b2c.ca. [72.10.129.199])
 by smtp.gmail.com with ESMTPSA id
 y12-20020a05622a164c00b002e1e277885esm14648703qtj.8.2022.03.22.20.03.48
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 22 Mar 2022 20:03:48 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@gnu.org>
Subject: Re: bug#47144: security patching of 'patch' package
References: <20210315182605.25973-1-lle-bout@zaclys.net>
 <20210315182605.25973-2-lle-bout@zaclys.net> <87lfakjf8f.fsf@gnu.org>
Date: Tue, 22 Mar 2022 23:03:47 -0400
In-Reply-To: <87lfakjf8f.fsf@gnu.org> ("Ludovic =?utf-8?Q?Court=C3=A8s=22'?=
 =?utf-8?Q?s?= message of "Thu, 18 Mar 2021 22:58:56 +0100")
Message-ID: <87mthhz7xo.fsf_-_@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: lle-bout@zaclys.net, 47144@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi,

Ludovic Court=C3=A8s <ludo@gnu.org> writes:

> Hi,
>
> L=C3=A9o Le Bouter via Bug reports for GNU Guix <bug-guix@gnu.org> skribi=
s:
>
>> * gnu/packages/base.scm (patch/fixed): New variable.
>> (patch)[replacement]: Graft.
>
> It=E2=80=99s (almost) useless to provide a graft of =E2=80=98patch=E2=80=
=99 because patch is
> usually a build-time only dependency.  (Maybe we can tell it=E2=80=99s not
> vulnerable to the issues at hand because in that context it=E2=80=99s alw=
ays
> given controlled input: the package patches.)
>
> What could be useful is to provide a second version of patch so that
> people running =E2=80=98guix install patch=E2=80=99 or similar get the ne=
wer version.

The latest release of patch is the one we have, v2.7.6, made 4 years
ago.

Thanks,

Maxim




From debbugs-submit-bounces@debbugs.gnu.org Thu May 30 23:03:03 2024
Received: (at 47144) by debbugs.gnu.org; 31 May 2024 03:03:03 +0000
Received: from localhost ([127.0.0.1]:52891 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sCsXn-0002Kq-BK
	for submit@debbugs.gnu.org; Thu, 30 May 2024 23:03:03 -0400
Received: from mail-qt1-f174.google.com ([209.85.160.174]:43111)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sCsXk-0002KI-W0
 for 47144@debbugs.gnu.org; Thu, 30 May 2024 23:03:02 -0400
Received: by mail-qt1-f174.google.com with SMTP id
 d75a77b69052e-43fb094da40so15357281cf.0
 for <47144@debbugs.gnu.org>; Thu, 30 May 2024 20:02:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717124503; x=1717729303; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=5E5NObfeQ2xGwjmqYSl37dg0ZylMtPTouOl0caKhuB0=;
 b=K4QOAoiSxc+4E78hFiTfUCwhQzNWBfR5SthMladbnp3y6Bk8h7TS4JtR7evcY7WKw/
 ML0d3gXCpOFnGUCnqM2X8BbLjgDR43zqjMdrmUVtI3BpXnQWjCTfzO8FZWXOEUeUSj8Y
 Ljc6n9edZtyn5/TtUQNra0uqwoWde3dzOpiRFf2rHNB/tcF5qgkhIfk6qA2pDOQxxBmW
 RZUdiOA5ulgWyjBB+g4SSeRtPYr+4WLBi+pAiIk1yqqVtouE0InJyLeWJ9AEFqPPMMzi
 mkxqpBfjTBVq2x7Bp4kY/4bPkNwgFV0R7xA1GAfc//dQ8IVKrItipsU4OmyK5w7YXUiK
 EBRw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717124503; x=1717729303;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
 :reply-to;
 bh=5E5NObfeQ2xGwjmqYSl37dg0ZylMtPTouOl0caKhuB0=;
 b=jtkckNpqeKip75nIYQqxKzO4NLpEkwgh0XYo1gOLyYIgu/nFN7vYmYMdpwXqv/cKiq
 qLvXvZ+upda9VfKGrYHh0ZO/rJPQHDMKNrRtu4ltQ/+03xlEHfgSLx5jkxZQ3NAJnKAC
 fsse/NM0u0rRYzfC4Hla0OyG6BegFPDnyJt0myTSzlCKrGLp0+BmN6w5wYCLWxm9lJCu
 wNd/TsdUWuUHQFxHtdnoEV5eItVzuWw8jFDe08+PogQ5T98lAcddgP/wUiQ19rNMzfPc
 ZYx9QZDU1GeZZBh4E2VtsO7KWFDBMcWFmXRyiIZzvROLIDevvN8byWsyZauGlZp4RPq2
 0tlw==
X-Gm-Message-State: AOJu0YxTz5LhknhrkL0mgsQ08K3qSHMM9ou0V6yFE39uVIAzIBfFhChD
 BTf6MKJv7z1jX7v4jXwDN15+YoMpcZ2/kXaKePQ/rVXFj7ZLdgMjCk5l1Q==
X-Google-Smtp-Source: AGHT+IGPDF0eK7/ghD7x9VbYlrhK26OdDFlzR0z8XXpHpSWCuxPsuzwp8X0I3OXuicqf/0GHXmfpYg==
X-Received: by 2002:ac8:570d:0:b0:439:b456:25b6 with SMTP id
 d75a77b69052e-43febff40dcmr57648901cf.30.1717124503218; 
 Thu, 30 May 2024 20:01:43 -0700 (PDT)
Received: from localhost.localdomain (dsl-205-233-124-92.b2b2c.ca.
 [205.233.124.92]) by smtp.gmail.com with ESMTPSA id
 d75a77b69052e-43ff259ba48sm4036491cf.95.2024.05.30.20.01.41
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 30 May 2024 20:01:42 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: 47144@debbugs.gnu.org
Subject: [PATCH 1/3] gnu: ucd: Update to 15.1.0.
Date: Thu, 30 May 2024 22:59:19 -0400
Message-ID: <28b457771ab0e7ad87cb65600a5898f68be5074a.1717124361.git.maxim.cournoyer@gmail.com>
X-Mailer: git-send-email 2.41.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>,
 Vivien Kraus <vivien@planete-kraus.eu>,
 Maxim Cournoyer <maxim.cournoyer@gmail.com>, Leo Famulari <leo@famulari.name>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

* gnu/packages/unicode.scm (ucd): Update to 15.1.0.

Change-Id: I0828544c35eef90a8f76c2084362ee4594189244
---

 gnu/packages/unicode.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/unicode.scm b/gnu/packages/unicode.scm
index 23f08a2aab..fe188ed71d 100644
--- a/gnu/packages/unicode.scm
+++ b/gnu/packages/unicode.scm
@@ -77,14 +77,14 @@ (define-public libunibreak
 (define-public ucd
   (package
     (name "ucd")
-    (version "15.0.0")
+    (version "15.1.0")
     (source
      (origin
        (method url-fetch/zipbomb)
        (uri (string-append "https://www.unicode.org/Public/zipped/" version
                            "/UCD.zip"))
        (sha256
-        (base32 "133inqn33hcfvylmps63yjr6rrqrfq6x7a5hr5fd51z6yc0f9gaz"))))
+        (base32 "0xv10nkvg6451415imvb0qx72ljp0hv9f8h1sl6509ir0lync76b"))))
     (build-system copy-build-system)
     (arguments
      '(#:install-plan

base-commit: eb4dc1b9ae3779419b047e2f4c7b5879353956a6
-- 
2.41.0





From debbugs-submit-bounces@debbugs.gnu.org Thu May 30 23:03:10 2024
Received: (at 47144) by debbugs.gnu.org; 31 May 2024 03:03:10 +0000
Received: from localhost ([127.0.0.1]:52894 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sCsXt-0002LD-Mg
	for submit@debbugs.gnu.org; Thu, 30 May 2024 23:03:10 -0400
Received: from mail-qt1-f182.google.com ([209.85.160.182]:57725)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sCsXq-0002KR-2x
 for 47144@debbugs.gnu.org; Thu, 30 May 2024 23:03:08 -0400
Received: by mail-qt1-f182.google.com with SMTP id
 d75a77b69052e-43fd2809723so7817741cf.3
 for <47144@debbugs.gnu.org>; Thu, 30 May 2024 20:02:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717124508; x=1717729308; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=KEt8mocoud+G8Y7k13FYhg5PAmb+afiA5uy0zVTQ938=;
 b=WT2ydoMXb2a2vGWkM8j8J377xs2jcpiMwCo/seekJ+P4H3qE4JDoMV7Zg24jxujgkI
 /buXRj4MyxNgDtlT4YuwaSHQZpJwKTsBalE0nRinqiKsI72Z5zMp3bddeNStk0PzWAVc
 XGrM78HthDAtkvLX4xFUbiFvYfQw1t0NnHLdOCAC3tUCmnmEDpudodUU1p8B+ydUJXAL
 GVYD7miGeCvUJ753hm5rTiO+nCrWxm1uHEFyB3G17jLkkU7OtXyj5WkZAkUibNhGJ8bX
 reyHDiOBFd/Zg90GWceD/FYJor8A8YU4MgR4qKYJ6vljjlgMPZcqFn+1XVRZwnLyaYWQ
 Nk/w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717124508; x=1717729308;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=KEt8mocoud+G8Y7k13FYhg5PAmb+afiA5uy0zVTQ938=;
 b=OqYxrTLKyF+yjueTNUxEo6f0wnOlwzdazoK1WU43VD5pZDT55qW3YLhRuHgonBMpCN
 Ik7VsHz8hWohRQURRONVkcSq8UvpeqJmMQA5LJSYkLPrfBnBFoE/o87ErgcYwAGQDTj+
 Gi8HzOAaSWol/KchKIxOAcIjCPo2IhKkPiupKk4g+m+0DlXMw/uHp5VEYcepEJKC6nMV
 GKy23p5KhhtlNHoAbctnO+7uiy5sS07/ZkHUzfr2gWIB6oIndj2HJW0t8tKZ62EAIqrE
 gvmIzooKFiOqzajlwnNpFv7FQvSdqvPgORj67Jy/HZs6Sw50Cu/LHSLq0v/Barw8srC8
 jNfg==
X-Gm-Message-State: AOJu0YwU/4K2dN1ZTPnKhho+UVXmJ2PJ/3bLmCQJy9mO9O/7rG0GIvUz
 hxb2OZeWDqGiWbNngcC/x6Zj0boeLU7C97jZHYBMFT/dRt2YDLZ0EYKOuw==
X-Google-Smtp-Source: AGHT+IGOTpOe2Ag0xf9fA7bmiimPQTJbVRdte4ZEFYwbbeTpynACOKfSxAqWPXj/NaE3vjMPujGynA==
X-Received: by 2002:a05:622a:252:b0:43e:3d52:3e12 with SMTP id
 d75a77b69052e-43ff5261ee9mr6567741cf.35.1717124507988; 
 Thu, 30 May 2024 20:01:47 -0700 (PDT)
Received: from localhost.localdomain (dsl-205-233-124-92.b2b2c.ca.
 [205.233.124.92]) by smtp.gmail.com with ESMTPSA id
 d75a77b69052e-43ff259ba48sm4036491cf.95.2024.05.30.20.01.47
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 30 May 2024 20:01:47 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: 47144@debbugs.gnu.org
Subject: [PATCH 2/3] gnu: gnulib: Update to 2024-05-30-1.ac4b301.
Date: Thu, 30 May 2024 22:59:20 -0400
Message-ID: <ee628a2b24ba42c665dcda72b57ba387d119d5fc.1717124361.git.maxim.cournoyer@gmail.com>
X-Mailer: git-send-email 2.41.0
In-Reply-To: <28b457771ab0e7ad87cb65600a5898f68be5074a.1717124361.git.maxim.cournoyer@gmail.com>
References: <28b457771ab0e7ad87cb65600a5898f68be5074a.1717124361.git.maxim.cournoyer@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>,
 Vivien Kraus <vivien@planete-kraus.eu>,
 Maxim Cournoyer <maxim.cournoyer@gmail.com>, Leo Famulari <leo@famulari.name>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Also fix the gnulib-tool command, which would fail due to not finding their
implementation scripts.

* gnu/packages/patches/gnulib-bootstrap.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/build-tools.scm (gnulib): Update to 2024-05-30-1.ac4b301.
[source]: Apply patch.
[phases] {patch-source-shebangs, patch-generated-file-shebangs}
{patch-usr-bin-file, restore-shebangs}: Delete phases.
{disable-failing-tests}: Disable sc_error_message_warn_fatal,
sc_prefer_angle_bracket_headers, sc_check_config_h_reminder,
sc_prohibit_sc_omitted_at, sc_readme_link_copying, sc_readme_link_install,
sc_unsigned_char, sc_unsigned_int,  sc_unsigned_long and sc_unsigned_short
checks.
{regenerate-unicode}: Register BidiMirroring.txt unicode data file.

Change-Id: I154b2c5980b671f1e73e7a1f74d926ea080a7aa0
---

 gnu/local.mk                                |  1 +
 gnu/packages/build-tools.scm                | 55 ++++++++-------
 gnu/packages/patches/gnulib-bootstrap.patch | 75 +++++++++++++++++++++
 3 files changed, 107 insertions(+), 24 deletions(-)
 create mode 100644 gnu/packages/patches/gnulib-bootstrap.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 0f1ab6669a..5759b508cf 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1391,6 +1391,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/gnome-settings-daemon-gc.patch		\
   %D%/packages/patches/gnome-session-support-elogind.patch	\
   %D%/packages/patches/gnome-tweaks-search-paths.patch		\
+  %D%/packages/patches/gnulib-bootstrap.patch			\
   %D%/packages/patches/gnumach-support-noide.patch		\
   %D%/packages/patches/gnupg-default-pinentry.patch		\
   %D%/packages/patches/gnupg-1-build-with-gcc10.patch		\
diff --git a/gnu/packages/build-tools.scm b/gnu/packages/build-tools.scm
index daaf450e70..82abf5b9f1 100644
--- a/gnu/packages/build-tools.scm
+++ b/gnu/packages/build-tools.scm
@@ -13,7 +13,7 @@
 ;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
 ;;; Copyright © 2020, 2023 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2021 qblade <qblade@protonmail.com>
-;;; Copyright © 2021, 2023 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Copyright © 2021, 2023, 2024 Maxim Cournoyer <maxim.cournoyer@gmail.com>
 ;;; Copyright © 2022, 2023 Juliana Sims <juli@incana.org>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -853,12 +853,15 @@ (define*-public (gnulib-checkout #:key
                           ;; FIXME: tests/uniname/HangulSyllableNames.txt
                           ;; seems like a UCD file but it is not distributed
                           ;; with UCD.
-                          "tests/uniwbrk/WordBreakTest.txt")))))))
+                          "tests/uniwbrk/WordBreakTest.txt")))))
+       (patches (search-patches "gnulib-bootstrap.patch"))))
     (build-system copy-build-system)
     (arguments
      (list
       #:install-plan
       #~'(("./gnulib-tool" "bin/")
+          ("./gnulib-tool.py" "bin/")
+          ("./gnulib-tool.sh" "bin/")
           ("." "src/gnulib" #:exclude-regexp ("\\.git.*")))
       #:modules '((ice-9 match)
                   (guix build utils)
@@ -866,6 +869,13 @@ (define*-public (gnulib-checkout #:key
                   ((guix build gnu-build-system) #:prefix gnu:))
       #:phases
       #~(modify-phases %standard-phases
+          ;; Since this package is intended to be used in source form, it
+          ;; should not retain references to tools (with the exception for the
+          ;; commands we install, which should be wrapper for proper
+          ;; execution).
+          (delete 'patch-source-shebangs)
+          (delete 'patch-generated-file-shebangs)
+          (delete 'patch-usr-bin-file)
           (add-before 'install 'check
             (assoc-ref gnu:%standard-phases 'check))
           (add-before 'check 'fix-tests
@@ -889,8 +899,10 @@ (define*-public (gnulib-checkout #:key
   sc_Wundef_boolean \\
   sc_copyright_check \\
   sc_file_system \\
+  sc_error_message_warn_fatal \\
   sc_indent \\
   sc_keep_gnulib_texi_files_mostly_ascii \\
+  sc_prefer_angle_bracket_headers \\
   sc_prohibit_assert_without_use \\
   sc_prohibit_close_stream_without_use \\
   sc_prohibit_defined_have_decl_tests \\
@@ -899,15 +911,22 @@ (define*-public (gnulib-checkout #:key
   sc_prohibit_intprops_without_use \\
   sc_prohibit_openat_without_use \\
   sc_prohibit_test_minus_ao \\
-  sc_unportable_grep_q"))
+  sc_readme_link_copying \\
+  sc_readme_link_install \\
+  sc_unportable_grep_q \\
+  sc_unsigned_char \\
+  sc_unsigned_int \\
+  sc_unsigned_long \\
+  sc_unsigned_short"))
               (substitute* "Makefile"
-                (("sc_check_(sym_list|copyright)" rule)
+                (("sc_check_(sym_list|copyright|config_h_reminder)" rule)
                  (string-append "disabled_check_" rule))
                 (("sc_cpp_indent_check")
                  "disabled_cpp_indent_check")
                 (("sc_prefer_ac_check_funcs_once")
                  "disabled_prefer_ac_check_funcs_once")
-                (("sc_prohibit_(AC_LIBOBJ_in_m4|leading_TABs)" rule)
+                (("sc_prohibit_(AC_LIBOBJ_in_m4|leading_TABs\
+|sc_omitted_at)" rule)
                  (string-append "disabled_prohibit_" rule)))))
           (add-before 'check 'regenerate-unicode
             (lambda* (#:key inputs #:allow-other-keys)
@@ -939,7 +958,8 @@ (define*-public (gnulib-checkout #:key
                              (sha256
                               (base32
                                "0k6wyijyzdl5g3nibcwfm898kfydx1pqaz28v7fdvnzdvd5fz7lh"))))
-                        (find-ucd-files "EastAsianWidth.txt"
+                        (find-ucd-files "BidiMirroring.txt"
+                                        "EastAsianWidth.txt"
                                         "LineBreak.txt"
                                         "auxiliary/WordBreakProperty.txt"
                                         "auxiliary/GraphemeBreakProperty.txt"
@@ -962,22 +982,9 @@ (define*-public (gnulib-checkout #:key
                    ("NormalizationTest.txt" . "uninorm")
                    ("auxiliary/GraphemeBreakTest.txt" . "unigbrk")
                    ("auxiliary/WordBreakTest.txt" . "uniwbrk")))
-                (delete-file "gen-uni-tables"))))
-          (add-after 'install 'restore-shebangs
-            (lambda _
-              (substitute* (find-files
-                            (string-append #$output "/src/gnulib")
-                            (lambda (fname stat)
-                              (and (not (string-suffix? "/lib/javaversion.class" fname))
-                                   (not (string-suffix? ".mo" fname)))))
-                (("^#! ?(.*)/bin/sh" _ prefix)
-                 "#!/bin/sh")
-                (("^#! ?(.*)/bin/python3" _ prefix)
-                 "#!/usr/bin/env python3")
-                (("^#! ?(.*)/bin/([a-zA-Z0-9-]+)" _ prefix program)
-                 (string-append "#!/usr/bin/" program))))))))
+                (delete-file "gen-uni-tables")))))))
     (inputs
-     (list bash-minimal))                         ;shebang for gnulib-tool
+     (list bash-minimal)) ;shebang for gnulib-tool
     (native-inputs
      (list
       bash-minimal python perl clisp
@@ -1005,9 +1012,9 @@ (define*-public (gnulib-checkout #:key
 
 (define-public gnulib
   (gnulib-checkout
-   #:version "2022-12-31"
-   #:commit "875461ffdf58ac04677957b4ae4160465b83b940"
-   #:hash (base32 "0bf7a6wdns9c5wwv60qfcn9llg0j6jz5ryd2qgsqqx2i6xkmp77c")))
+   #:version "2024-05-30"
+   #:commit "ac4b301ae15223c98b51cd5a0eda2e2cf57c817b"
+   #:hash (base32 "0f4w56fc97clg13mmdghx84dh9xqmaqr3j672ppfh3h66gmmmvzs")))
 
 (define-public pdpmake
   (package
diff --git a/gnu/packages/patches/gnulib-bootstrap.patch b/gnu/packages/patches/gnulib-bootstrap.patch
new file mode 100644
index 0000000000..c0c9a5e732
--- /dev/null
+++ b/gnu/packages/patches/gnulib-bootstrap.patch
@@ -0,0 +1,75 @@
+From adbf7ce2c2b03ce5ee25d4c68f9bb247b0dcbc2b Mon Sep 17 00:00:00 2001
+From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
+Date: Thu, 30 May 2024 14:48:04 -0400
+Subject: [PATCH] bootstrap: Use gnulib-tool from PATH if available.
+
+Some distributions such as GNU Guix include in their package for
+gnulib a 'gnulib-tool' command under their $bindir
+prefix (e.g. '/bin') for users to use, along the unmodified full
+sources.  The idea is that any wrapping or distribution modifications
+for the *execution* of the script at run time is done on these
+commands, while the rest of the source should be in their
+pristine (unmodified) version.  Adjust the 'gnulib-tool' discovery
+mechanism to support such installation layout.
+
+* build-aux/bootstrap (autogen) <gnulib_tool>: Prefer to use from
+PATH, else from $GNULIB_SRCDIR/../../bin/gnulib-tool, else from
+$GNULIB_SRCDIR/gnulib-tool.
+* gnulib-tool.sh (func_gnulib_dir): Honor GNULIB_SRCDIR to locate
+gnulib's main directory.
+---
+ build-aux/bootstrap | 11 +++++++++--
+ gnulib-tool.sh      |  6 +++++-
+ 2 files changed, 14 insertions(+), 3 deletions(-)
+
+diff --git a/build-aux/bootstrap b/build-aux/bootstrap
+index 6295b8a128..06271eea8b 100755
+--- a/build-aux/bootstrap
++++ b/build-aux/bootstrap
+@@ -3,7 +3,7 @@
+ 
+ # Bootstrap this package from checked-out sources.
+ 
+-scriptversion=2024-04-13.15; # UTC
++scriptversion=2024-05-30.20; # UTC
+ 
+ # Copyright (C) 2003-2024 Free Software Foundation, Inc.
+ #
+@@ -1164,7 +1164,14 @@ autogen()
+   fi
+ 
+   if $use_gnulib; then
+-    gnulib_tool=$GNULIB_SRCDIR/gnulib-tool
++    gnulib_tool=$(command -v gnulib-tool)
++    if test -x "$gnulib_tool"; then
++      :                         # done
++    elif test -x $GNULIB_SRCDIR/../../bin/gnulib-tool; then
++      gnulib_tool=$GNULIB_SRCDIR/../../bin/gnulib-tool
++    else
++      gnulib_tool=$GNULIB_SRCDIR/gnulib-tool
++    fi
+     <$gnulib_tool || return
+   fi
+ 
+diff --git a/gnulib-tool.sh b/gnulib-tool.sh
+index 12f0b82461..0aefbe2b2b 100755
+--- a/gnulib-tool.sh
++++ b/gnulib-tool.sh
+@@ -518,7 +518,11 @@ func_gnulib_dir ()
+       * ) self_abspathname=`echo "$self_abspathname" | sed -e 's,/[^/]*$,,'`/"$linkval" ;;
+     esac
+   done
+-  gnulib_dir=`echo "$self_abspathname" | sed -e 's,/[^/]*$,,'`
++  if test -n "$GNULIB_SRCDIR"; then
++    gnulib_dir=$GNULIB_SRCDIR
++  else
++    gnulib_dir=`echo "$self_abspathname" | sed -e 's,/[^/]*$,,'`
++  fi
+ }
+ 
+ # func_tmpdir
+
+base-commit: ac4b301ae15223c98b51cd5a0eda2e2cf57c817b
+-- 
+2.41.0
+
-- 
2.41.0





From debbugs-submit-bounces@debbugs.gnu.org Thu May 30 23:03:18 2024
Received: (at 47144) by debbugs.gnu.org; 31 May 2024 03:03:18 +0000
Received: from localhost ([127.0.0.1]:52897 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sCsY1-0002LX-Fr
	for submit@debbugs.gnu.org; Thu, 30 May 2024 23:03:18 -0400
Received: from mail-oi1-f180.google.com ([209.85.167.180]:55346)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sCsXx-0002L2-Hj
 for 47144@debbugs.gnu.org; Thu, 30 May 2024 23:03:16 -0400
Received: by mail-oi1-f180.google.com with SMTP id
 5614622812f47-3d1bb1c3b74so922057b6e.2
 for <47144@debbugs.gnu.org>; Thu, 30 May 2024 20:03:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717124514; x=1717729314; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=N2NT4UL9+9BT+D/MYdu5/s2bc0OBSlSZ++cpaNhskjw=;
 b=FbXgeS5vAFh/PwhuSlFZ1PACwYzX+4ZY4ZHwywgFuuIHZHPNcagpWCya7XZO/WnJcD
 /yNstuZyMhSK6qqjuvTj6a0pbPDJDyZrPchf16ydQGGA/mMskuKKdL96JGJwU8Q+YS+6
 xngbaVBfyKhOEWsTewBoKF7wYTXuo4XHF6BS7Wsz6Og42NG3aGVXW4cOP0LESGUzOOav
 PD5GSAf5sfGAgHzWyvVHZDuxBK4MCmes7jbYE3sNJEWWwvrlPQL2dxg2AiiuaqcWYoWt
 4CO5j6iUeBCPgJszmK4aexcOBfX2302rZnFHDmUSlxHQ+21AlyEmt2D3tvTDYA2CuAVh
 imfQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717124514; x=1717729314;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=N2NT4UL9+9BT+D/MYdu5/s2bc0OBSlSZ++cpaNhskjw=;
 b=r+bf+yADEL6/bFMn7ge3vr5T70qGopXM3304pvSolqU3rZ0jGY4pbRPJ5lkyxZWBqp
 /xytJkopRYcRnAKA7CymZgKfhxyNZ9MoF6j5hyHKsDrLZJod82oXz/xchCRXsiNvi6RG
 lJNBFwS+S3TzwUMhXo5bHh6tT80zh3bD0PkMl8YFFKSGZsXWY7v0iA+ZmxobTGBWN3qM
 1+WEpHD/NVKNey8TIqQgGjujJNaynMeSsZH/myM2TLkXwkMd5AHo0p1ObE/DliX2lbOb
 PVMLed2VCpfPZjWAYyy20JZMA0w7k7IXih5W64OwEMhqqT/qbNxYA+yOS/YXmfupGLWj
 Z7Hw==
X-Gm-Message-State: AOJu0YwO3n5ouisv69sVssK/De5a8e0Tw9yaNFIY851AYUzVMZooA9nH
 PaSqzRN+hLA7RSMq+3XGD23XHUVUqdC00LxWoL38Z081Thl8SMSH0cRfhTyr
X-Google-Smtp-Source: AGHT+IGN74TDaWEskY91DVtTxLBnZQtSIA9w2L6kzjvcZ15RESxpWYKyzWN/YnPEy5uv0ZRhQPgIBg==
X-Received: by 2002:a05:6808:1115:b0:3c9:69b9:6fa4 with SMTP id
 5614622812f47-3d1e35cbd08mr478094b6e.48.1717124513827; 
 Thu, 30 May 2024 20:01:53 -0700 (PDT)
Received: from localhost.localdomain (dsl-205-233-124-92.b2b2c.ca.
 [205.233.124.92]) by smtp.gmail.com with ESMTPSA id
 d75a77b69052e-43ff259ba48sm4036491cf.95.2024.05.30.20.01.52
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 30 May 2024 20:01:53 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: 47144@debbugs.gnu.org
Subject: [PATCH 3/3] gnu: patch: Graft to latest commit [security fixes].
Date: Thu, 30 May 2024 22:59:21 -0400
Message-ID: <5eda21a09360653b198f1b0d7f52cf531dc97485.1717124361.git.maxim.cournoyer@gmail.com>
X-Mailer: git-send-email 2.41.0
In-Reply-To: <28b457771ab0e7ad87cb65600a5898f68be5074a.1717124361.git.maxim.cournoyer@gmail.com>
References: <28b457771ab0e7ad87cb65600a5898f68be5074a.1717124361.git.maxim.cournoyer@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
X-Debbugs-Cc: Ludovic Courtès <ludo@gnu.org>
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Mark H Weaver <mhw@netris.org>,
 =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>,
 Vivien Kraus <vivien@planete-kraus.eu>,
 Maxim Cournoyer <maxim.cournoyer@gmail.com>, Leo Famulari <leo@famulari.name>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

* gnu/packages/base.scm (patch/fixed): New variable.
(patch) [replacement]: Graft with the above.

Fixes: https://issues.guix.gnu.org/47144
Reported-by: Mark H Weaver <mhw@netris.org>
Change-Id: I54ae41b735f5ba0ebad30ebdfaabe0ccdc3f9873
---

 gnu/packages/base.scm | 44 ++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 43 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index bbe5b8cf57..8dcbf4b087 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -19,7 +19,7 @@
 ;;; Copyright © 2021 Leo Le Bouter <lle-bout@zaclys.net>
 ;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
 ;;; Copyright © 2021 Guillaume Le Vaillant <glv@posteo.net>
-;;; Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Copyright © 2021, 2024 Maxim Cournoyer <maxim.cournoyer@gmail.com>
 ;;; Copyright © 2022 zamfofex <zamfofex@twdb.moe>
 ;;; Copyright © 2022 John Kehayias <john.kehayias@protonmail.com>
 ;;; Copyright © 2023 Josselin Poiret <dev@jpoiret.xyz>
@@ -46,8 +46,10 @@ (define-module (gnu packages base)
   #:use-module (gnu packages acl)
   #:use-module (gnu packages algebra)
   #:use-module (gnu packages attr)
+  #:use-module (gnu packages autotools)
   #:use-module (gnu packages bash)
   #:use-module (gnu packages bison)
+  #:use-module (gnu packages build-tools)
   #:use-module (gnu packages gcc)
   #:use-module (gnu packages guile)
   #:use-module (gnu packages multiprecision)
@@ -263,6 +265,7 @@ (define-public tar
 
 (define-public patch
   (package
+    (replacement patch/fixed)
     (name "patch")
     (version "2.7.6")
     (source (origin
@@ -291,6 +294,45 @@ (define-public patch
     (license gpl3+)
     (home-page "https://savannah.gnu.org/projects/patch/")))
 
+(define patch/fixed
+  ;; The latest release is from 2018, and lacks multiple security related
+  ;; patches.  Since Fedora carries 23 patches, simply use the latest commit
+  ;; until a proper release is made.
+  (let ((revision "0")
+        (commit "f144b35425d9d7732ea5485034c1a6b7a106ab92"))
+    (package
+      (inherit patch)
+      (name "patch")
+      (version (git-version "2.7.6" revision commit))
+      (source (origin
+                (inherit (package-source patch))
+                (method git-fetch)
+                (uri (git-reference
+                      (url "https://git.savannah.gnu.org/git/patch.git")
+                      (commit commit)))
+                (file-name (git-file-name name version))
+                (sha256
+                 (base32
+                  "1bk38169c0xh01b0q0zmnrjqz8k9byz3arp4q7q66sn6xwf94nvz"))))
+      (arguments
+       (substitute-keyword-arguments (package-arguments patch)
+         ((#:phases phases '%standard-phases)
+          #~(modify-phases #$phases
+              (add-after 'unpack 'update-bootstrap-script
+                (lambda* (#:key native-inputs inputs #:allow-other-keys)
+                  (copy-file (search-input-file
+                              (or native-inputs inputs)
+                              "src/gnulib/build-aux/bootstrap")
+                             "bootstrap")))
+              (add-after 'unpack 'patch-configure.ac
+                (lambda _
+                  (substitute* "configure.ac"
+                    ;; The gnulib-provided git-version-gen script has a plain
+                    ;; shebang of #!/bin/sh; avoid using it.
+                    (("build-aux/git-version-gen" all)
+                     (string-append "sh " all)))))))))
+      (native-inputs (list autoconf automake bison ed gnulib)))))
+
 (define-public diffutils
   (package
    (name "diffutils")
-- 
2.41.0





From debbugs-submit-bounces@debbugs.gnu.org Fri May 31 12:37:41 2024
Received: (at 47144) by debbugs.gnu.org; 31 May 2024 16:37:41 +0000
Received: from localhost ([127.0.0.1]:55251 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sD5Ft-00011z-QD
	for submit@debbugs.gnu.org; Fri, 31 May 2024 12:37:40 -0400
Received: from mail-wm1-f53.google.com ([209.85.128.53]:39811)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <zimon.toutoune@gmail.com>) id 1sD5Fp-00011W-L2
 for 47144@debbugs.gnu.org; Fri, 31 May 2024 12:37:22 -0400
Received: by mail-wm1-f53.google.com with SMTP id
 5b1f17b1804b1-42111cf1ca1so3006305e9.3
 for <47144@debbugs.gnu.org>; Fri, 31 May 2024 09:37:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717173365; x=1717778165; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:message-id:date:references
 :in-reply-to:subject:cc:to:from:from:to:cc:subject:date:message-id
 :reply-to; bh=txeQ0ljwGVTJuhWD5rpMd88GLxJ84rjjnTubQ4s26nY=;
 b=Naeuicqyqi+PGW7MOr3e8nXdrKliDc4v+T8vWNvZ5+Yw55duYtPRNGZNj+V4dmUICk
 xnj5mTOxSFPOsdAnbRtZqAfCmftppXeaLM6U5arai1TbbwHKXPgRXIiaNyGehYRgTX6j
 u9ou3NGah1GkUTYRKJHo5jiUqAjewyiFwJPIanKh5qUX3DwYP9CHvaHTtg3WjCzLpejG
 m0SyF1NnYWaLGxJOSbWTvveozsjRksMkigGWA12UXYw7j0k4KzYJKFcWFH37cQqq/v7M
 nwM55FRRJNoThkV7Wd9CHmPPdH/BXVWiegKGPn7x2j0IeWD9qH1aF1DhnsvNX7fvzF4X
 Ehrg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717173365; x=1717778165;
 h=content-transfer-encoding:mime-version:message-id:date:references
 :in-reply-to:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=txeQ0ljwGVTJuhWD5rpMd88GLxJ84rjjnTubQ4s26nY=;
 b=By1Ds/1rcWcWp5T4WbapNaNgqhb8hlwqJpgSeP8x90w29V+U6oYb7ihntdfgWx3MYO
 uo5fxQJehQJs14IFhZPQv/EVwKfxocTUEsnxEbto/+JKjN1KpOvTLeToBOWIaScZQRjh
 0Kbpo/t/2I554hAl1gmjwcLEUbpC0T8WY1l2CJtx+iVwGyzxwNeLFSkr6C5nQSCdKE9F
 jqwkpxbYODcYSfel1j0T+TWt1aOrUM0Yflem/nACzj84uPCSnXvBRnN77Lq9c71myUkx
 pX+NdXbR8I3U7wATWcfhichKPWwjbac/38fREqDBQ3cQjxy2+NRtCa8eE7xMALspzRPQ
 Yg7g==
X-Forwarded-Encrypted: i=1;
 AJvYcCX/GtPDFmZeLxK7IKxUDx1Bx62tszuAoudTz8KMiC174sbnLWyojlplE2ExkCc0RNWijsZUoLUGxBq2ZtIGFVdI2BSsJHM=
X-Gm-Message-State: AOJu0YzXrEDuXax6rXynuSzmgQzuoAXNovsk7NfPC2b5BWNidn7lDfCe
 XGD4oXDTZOZooPaPod7Z+C+svrkfnLoYFuA1AIW+mKIORZi5BbCh
X-Google-Smtp-Source: AGHT+IE16lqpvcN8P6mQqpxvpy0Q57qbCe6L5rKAjDmcbBWi6exs/oG0aHC2h7B3Vn2tc4rca+deVQ==
X-Received: by 2002:a05:600c:1c1d:b0:41f:9c43:574f with SMTP id
 5b1f17b1804b1-4212e0c3a8amr19787645e9.3.1717173364780; 
 Fri, 31 May 2024 09:36:04 -0700 (PDT)
Received: from lili ([81.185.168.12]) by smtp.gmail.com with ESMTPSA id
 5b1f17b1804b1-42127069305sm60289125e9.22.2024.05.31.09.36.03
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 31 May 2024 09:36:04 -0700 (PDT)
From: Simon Tournier <zimon.toutoune@gmail.com>
To: Maxim Cournoyer <maxim.cournoyer@gmail.com>, 47144@debbugs.gnu.org
Subject: Re: bug#47144: [PATCH 3/3] gnu: patch: Graft to latest commit
 [security fixes].
In-Reply-To: <5eda21a09360653b198f1b0d7f52cf531dc97485.1717124361.git.maxim.cournoyer@gmail.com>
References: <28b457771ab0e7ad87cb65600a5898f68be5074a.1717124361.git.maxim.cournoyer@gmail.com>
 <5eda21a09360653b198f1b0d7f52cf531dc97485.1717124361.git.maxim.cournoyer@gmail.com>
Date: Fri, 31 May 2024 18:13:00 +0200
Message-ID: <87zfs62c4z.fsf@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Mark H Weaver <mhw@netris.org>,
 Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@gnu.org>,
 Vivien Kraus <vivien@planete-kraus.eu>,
 Maxim Cournoyer <maxim.cournoyer@gmail.com>, Leo Famulari <leo@famulari.name>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi Maxim,

On Thu, 30 May 2024 at 22:59, Maxim Cournoyer <maxim.cournoyer@gmail.com> w=
rote:

> +      (source (origin
> +                (inherit (package-source patch))
> +                (method git-fetch)
> +                (uri (git-reference
> +                      (url "https://git.savannah.gnu.org/git/patch.git")
> +                      (commit commit)))
> +                (file-name (git-file-name name version))
> +                (sha256
> +                 (base32
> +                  "1bk38169c0xh01b0q0zmnrjqz8k9byz3arp4q7q66sn6xwf94nvz"=
))))

If I read correctly, (package-source patch) reads:

--8<---------------cut here---------------start------------->8---
    (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnu/patch/patch-"
                                  version ".tar.xz"))
              (sha256
               (base32
                "1zfqy4rdcy279vwn2z1kbv19dcfw25d2aqy9nzvdkq5bjzd0nqdc"))
              (patches (search-patches "patch-hurd-path-max.patch"))))
--8<---------------cut here---------------end--------------->8---

Therefore the only thing that is copied is the =E2=80=99patches=E2=80=99 fi=
eld.  Right?

I think it would easy the readability to avoid =E2=80=99inherit=E2=80=99 an=
d plainly
write =E2=80=99patches=E2=80=99.


Cheers,
simon




From debbugs-submit-bounces@debbugs.gnu.org Fri May 31 21:50:53 2024
Received: (at 47144) by debbugs.gnu.org; 1 Jun 2024 01:50:54 +0000
Received: from localhost ([127.0.0.1]:55515 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sDDtV-0007wx-I8
	for submit@debbugs.gnu.org; Fri, 31 May 2024 21:50:53 -0400
Received: from mail-qv1-f50.google.com ([209.85.219.50]:45060)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sDDtS-0007wi-8i
 for 47144@debbugs.gnu.org; Fri, 31 May 2024 21:50:51 -0400
Received: by mail-qv1-f50.google.com with SMTP id
 6a1803df08f44-6ae4d4abeb8so8388386d6.2
 for <47144@debbugs.gnu.org>; Fri, 31 May 2024 18:50:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717206573; x=1717811373; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:user-agent:message-id:date
 :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=BThhnKqg9YJAvN/B30JE8DGfQ8rydSKm/NZKoVaEUPY=;
 b=Pba3Hssqgzd5DEy6soLEBLsBA68Ue2A2kOQ2Be3hf6BmqiQtGD0Taigs9S3lwfzldm
 FRgfkIIpHO0T82DNjz7R7NFZfLN997AV2LmHdjZhQzbaRKmVo6BJo1RHvirEqbi54tud
 TeynKskgnyTmJ7DXObK77h5YyUR0jUDCZULq1V5QFzk+hd4aJy0Su8DHKT9Psbm+POHW
 cz1sZvbP6JwcR87B9V7kd7y+Z3o0Rk9iu1kpARlKJJwkON4by+X/0pXOhCmOeFFpDBJV
 cUZ1V6DUHrJLbe6Fp23r7gDaDxk8TWQpfTjmHnPxThzEQ1rZl1btjSWJq5VF1jAJbh3I
 ZoMg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717206573; x=1717811373;
 h=content-transfer-encoding:mime-version:user-agent:message-id:date
 :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=BThhnKqg9YJAvN/B30JE8DGfQ8rydSKm/NZKoVaEUPY=;
 b=nceWnkNFRGJGSFNI9parYzf3slMgCGvlvQ01GV6wErH40FrYGuga3V7IyWrXTvkPE/
 PEfdRDwc1ZK797Gzb97sCwQ/vxqaWmkfIgCozQ08IOp0ghDB4bOIARWEwc+4Tom1p3AA
 SZLdd75XeyEeuDfix306r3sXANVXIPLDSqAsf/w/NA1mDOh9A1lyJUy7HopSRPixV946
 NPKEWlMMRSnN7sYmr4gcGLl9Ab3JcwCPVsr8h7iJo88tWN6wlxu+JyNrwVCfDl04y+G8
 uFXDyD5XbCteERcWUdsWs3BHS6v1luviQd1NOt+fOgGq2ou2Bq4Ou2tHFsV2Ox+vikGa
 MYMw==
X-Gm-Message-State: AOJu0YzZgqdd8wUzYhhE2VV3P8tjsx1KXh0AILKuzV+ksiWg2ob7VV+n
 u3B+CbRa5aPYmjtYjaAZ669mza5TSLP8v42lQ5YQyp/QKHyF9sXr
X-Google-Smtp-Source: AGHT+IGpvRm2xvG24RjHuHuHE+dLCQzfvq1ZdJuWiXm33fy0bJs9MQbip68eqankGiNxIaT+M+WwuA==
X-Received: by 2002:ad4:58ac:0:b0:6ae:ceb8:4760 with SMTP id
 6a1803df08f44-6aeceb84772mr29743886d6.2.1717206573080; 
 Fri, 31 May 2024 18:49:33 -0700 (PDT)
Received: from hurd (dsl-205-233-124-92.b2b2c.ca. [205.233.124.92])
 by smtp.gmail.com with ESMTPSA id
 6a1803df08f44-6ae4a7482b3sm11024686d6.52.2024.05.31.18.49.32
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 31 May 2024 18:49:32 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: Simon Tournier <zimon.toutoune@gmail.com>
Subject: Re: bug#47144: [PATCH 3/3] gnu: patch: Graft to latest commit
 [security fixes].
In-Reply-To: <87zfs62c4z.fsf@gmail.com> (Simon Tournier's message of "Fri, 31
 May 2024 18:13:00 +0200")
References: <28b457771ab0e7ad87cb65600a5898f68be5074a.1717124361.git.maxim.cournoyer@gmail.com>
 <5eda21a09360653b198f1b0d7f52cf531dc97485.1717124361.git.maxim.cournoyer@gmail.com>
 <87zfs62c4z.fsf@gmail.com>
Date: Fri, 31 May 2024 21:49:31 -0400
Message-ID: <87ikytctzo.fsf@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Mark H Weaver <mhw@netris.org>,
 Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@gnu.org>,
 Leo Famulari <leo@famulari.name>, Vivien Kraus <vivien@planete-kraus.eu>,
 47144@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi Simon,

Simon Tournier <zimon.toutoune@gmail.com> writes:

> Hi Maxim,
>
> On Thu, 30 May 2024 at 22:59, Maxim Cournoyer <maxim.cournoyer@gmail.com>=
 wrote:
>
>> +      (source (origin
>> +                (inherit (package-source patch))
>> +                (method git-fetch)
>> +                (uri (git-reference
>> +                      (url "https://git.savannah.gnu.org/git/patch.git")
>> +                      (commit commit)))
>> +                (file-name (git-file-name name version))
>> +                (sha256
>> +                 (base32
>> +                  "1bk38169c0xh01b0q0zmnrjqz8k9byz3arp4q7q66sn6xwf94nvz=
"))))
>
> If I read correctly, (package-source patch) reads:
>
>     (source (origin
>               (method url-fetch)
>               (uri (string-append "mirror://gnu/patch/patch-"
>                                   version ".tar.xz"))
>               (sha256
>                (base32
>                 "1zfqy4rdcy279vwn2z1kbv19dcfw25d2aqy9nzvdkq5bjzd0nqdc"))
>               (patches (search-patches "patch-hurd-path-max.patch"))))
>
> Therefore the only thing that is copied is the =E2=80=99patches=E2=80=99 =
field.  Right?
>
> I think it would easy the readability to avoid =E2=80=99inherit=E2=80=99 =
and plainly
> write =E2=80=99patches=E2=80=99.

I preferred inheritance to avoid having to manually sync things in the
long run... (hopefully the graft gets ungrafted before 'patch' amasses
new phatces, but we never know...)

--=20
Thanks,
Maxim




From debbugs-submit-bounces@debbugs.gnu.org Sat Jun 01 07:35:50 2024
Received: (at 47144) by debbugs.gnu.org; 1 Jun 2024 11:35:51 +0000
Received: from localhost ([127.0.0.1]:55823 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sDN1a-0002oW-IE
	for submit@debbugs.gnu.org; Sat, 01 Jun 2024 07:35:50 -0400
Received: from mail-ot1-f42.google.com ([209.85.210.42]:48481)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sDN1Z-0002oK-3F
 for 47144@debbugs.gnu.org; Sat, 01 Jun 2024 07:35:49 -0400
Received: by mail-ot1-f42.google.com with SMTP id
 46e09a7af769-6f91c4e88e5so246907a34.1
 for <47144@debbugs.gnu.org>; Sat, 01 Jun 2024 04:35:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717241671; x=1717846471; darn=debbugs.gnu.org;
 h=mime-version:user-agent:message-id:date:references:in-reply-to
 :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=4K3xmYNJLgIhuiwNxxPw/rvNPLZGtAfxB5cdryQWj54=;
 b=l7CprPJpEA0aHtfuqQ18zuQWFiMBkDBD2/ycGDm6j5I4/ngSX5m0GVjKvVb1jnVy+p
 +hUzGpwOGJbw01fTMWZXpfMNl+0q2aeBBQ0tkpU/slN0F8w2WYKKsPKXMyZWhOMCGEwO
 dHXUGov4gTkiqpikeo/mFPY3aNLDybq4ghUWLoKvjqF67yHoXw1SCPfrwzu+F7WPkzYR
 geJm+XZSnXJ097RXpByDt/RNq3Er1Kg34VbFon0yLYX2wzzrn36LuEfQshZEMyZXW9NH
 HLV0K4iPWasYZurlOwaL0VMtrdrzlzoncBVMddBANQZd7PCBhzCtWL1/D7AYflRJtSxw
 vK3Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717241671; x=1717846471;
 h=mime-version:user-agent:message-id:date:references:in-reply-to
 :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date
 :message-id:reply-to;
 bh=4K3xmYNJLgIhuiwNxxPw/rvNPLZGtAfxB5cdryQWj54=;
 b=pZnvyBBCR2qcPzJhgGM7P2jDjozTJjJmLGoIolojTuB1XXC7qREYHouKko2xZvZkRA
 NaNvt62+ZCC1PFSf6eVlWd3Ju+xu4di6dFoVLpixg/BHE3uADPrkPc1jgjHqj5qKRoLn
 Y+FKHVgK/e/dqFU+jJGxhbyDZKrIokBq+3WjVuE1urazlmOX0+YkholTNZtE747r7H8+
 yB5knXvbi+ovR1rKqijq2SqZuHg7UvmFy5V23hZx+4Y1G9ohE1bI3J8Iidu4Ivv5JZTW
 1smLWP0pNMdBX2BNJZWCvhYPvkz0RCIjwOS5a92rWcGRRLrSH1rqdIZaxiNeqdzZPgEc
 gjow==
X-Gm-Message-State: AOJu0YwF8zY+DiXu5rPolSwFBn1nJWJh5yruC1PZEnn39gqpORDRPoy6
 BL6T+wq4H/lkGIDgAEXLaWcZOZ06U2KPE832CQSH/FE6tC5/BfAJ
X-Google-Smtp-Source: AGHT+IGkTb6jnhR9qqlcJRj06xgaGuCUzKZbeX4JIECIKOw7iPkLhHyRE88x1w8uBFxsyzE5k5WT2g==
X-Received: by 2002:a05:6870:d209:b0:24f:d4e9:5d62 with SMTP id
 586e51a60fabf-2508bd80e2bmr5123185fac.16.1717241671500; 
 Sat, 01 Jun 2024 04:34:31 -0700 (PDT)
Received: from hurd (dsl-10-130-93.b2b2c.ca. [72.10.130.93])
 by smtp.gmail.com with ESMTPSA id
 6a1803df08f44-6ae4a73e07fsm13967416d6.28.2024.06.01.04.34.30
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 01 Jun 2024 04:34:31 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: 47144@debbugs.gnu.org
Subject: Re: [PATCH 3/3] gnu: patch: Graft to latest commit [security fixes].
In-Reply-To: <5eda21a09360653b198f1b0d7f52cf531dc97485.1717124361.git.maxim.cournoyer@gmail.com>
 (Maxim Cournoyer's message of "Thu, 30 May 2024 22:59:21 -0400")
References: <28b457771ab0e7ad87cb65600a5898f68be5074a.1717124361.git.maxim.cournoyer@gmail.com>
 <5eda21a09360653b198f1b0d7f52cf531dc97485.1717124361.git.maxim.cournoyer@gmail.com>
Date: Sat, 01 Jun 2024 07:34:29 -0400
Message-ID: <87ikysc2wq.fsf@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Mark H Weaver <mhw@netris.org>,
 Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@gnu.org>,
 Vivien Kraus <vivien@planete-kraus.eu>, Leo Famulari <leo@famulari.name>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi,

Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

> * gnu/packages/base.scm (patch/fixed): New variable.
> (patch) [replacement]: Graft with the above.
>
> Fixes: https://issues.guix.gnu.org/47144
> Reported-by: Mark H Weaver <mhw@netris.org>
> Change-Id: I54ae41b735f5ba0ebad30ebdfaabe0ccdc3f9873

[...]

>  (define-public patch
>    (package
> +    (replacement patch/fixed)
>      (name "patch")
>      (version "2.7.6")
>      (source (origin
> @@ -291,6 +294,45 @@ (define-public patch
>      (license gpl3+)
>      (home-page "https://savannah.gnu.org/projects/patch/")))
>  
> +(define patch/fixed
> +  ;; The latest release is from 2018, and lacks multiple security related
> +  ;; patches.  Since Fedora carries 23 patches, simply use the latest commit
> +  ;; until a proper release is made.
> +  (let ((revision "0")
> +        (commit "f144b35425d9d7732ea5485034c1a6b7a106ab92"))
> +    (package
> +      (inherit patch)
> +      (name "patch")
> +      (version (git-version "2.7.6" revision commit))

I just realized that since this is for grafting purposes, I shouldn't
touch the version field (they need to match in length...).  Will send a v2.

-- 
Thanks,
Maxim




From debbugs-submit-bounces@debbugs.gnu.org Sat Jun 01 08:58:37 2024
Received: (at 47144) by debbugs.gnu.org; 1 Jun 2024 12:58:37 +0000
Received: from localhost ([127.0.0.1]:55873 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sDOJg-0004i5-VC
	for submit@debbugs.gnu.org; Sat, 01 Jun 2024 08:58:37 -0400
Received: from mail-oi1-f175.google.com ([209.85.167.175]:60428)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sDOJe-0004hj-7G
 for 47144@debbugs.gnu.org; Sat, 01 Jun 2024 08:58:35 -0400
Received: by mail-oi1-f175.google.com with SMTP id
 5614622812f47-3c9c36db8eeso1602003b6e.0
 for <47144@debbugs.gnu.org>; Sat, 01 Jun 2024 05:58:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717246634; x=1717851434; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=tMaAQR4Yg1ao31cWX1d5zL68SHN7s3ES24qlKNYImH0=;
 b=WsjQIDEPiB0liL3H6pFE3DDbxRjmdUj9Ahvknv+WxC0Mgg4W0q2stCwAXSYz6Tg/jn
 Ak+ACypRDkgWOkO9VBjfLBY8WfE466uE9mg9o9FcVC/3m+dOkAEk7J9cImSEcnap7Dra
 MAzpN+eWtTiO58b7/XYxZxTKHJWwAjt0Eotaq3MTf+2iJuL9NgZi0yNiBvjseTHAjmJb
 Y8GmxSOJL5nMgg0hwA4ys41Ai6ke1Z5bLYkEeZT+ffxJpcnMau8rlls2YkVl0dEtcPg0
 me7vQ7vvvo3smfpVVhEwmppuksuL3JYz2dcjCTCVRLJ7hFf5Oxyg/WfwSczieMzRb3/D
 Hx0w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717246634; x=1717851434;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
 :reply-to;
 bh=tMaAQR4Yg1ao31cWX1d5zL68SHN7s3ES24qlKNYImH0=;
 b=urSoGQbyUj5OFYmn+yrvDBSWeR0tFBiv87nvI7b4kne9mP6cr+R8aPdfOX3X4KKAWf
 8/5P+JT1Xp8sjm1Z2kGxBPw+vOWtkcn0vmBXhV87QNzLPrkuMMicbYTHtv4EKkMzm3mt
 22GQWRqlu6cO49dmQVGLrsopeL4QijQam0/8R0cYiOVscrLD/cDB5Y+g7xzon8ipVrza
 NISidR3LlpyNqM9Y4P4mXEc8SgjrO7/cnX+zwK81rxJcpkSdLXirpROtHLzMJz4V/qXy
 zQGxbs245zBLq0+OBLWpqW+bQ4fW4P7hX529se1ZCrFRlvTC731dGFscJZflXdpL0Z/p
 3uPQ==
X-Gm-Message-State: AOJu0Yz0GhT6Z7th7My1osUQWWTfhRM6g4Hm4lfz7q560l00Eqs1YZB+
 D4VglDOcUzM7GGT+9zTRkXGymbh5koi+t6ug9zR5dd7Xq0Zsr/XkdskjAw==
X-Google-Smtp-Source: AGHT+IFBFvaNNxXEWk3YSTMkhdalXHOgmYTWTqWZTi7XwpjO3X3hzQ7bQCWb+3BfQu/vOz3XnYVkeA==
X-Received: by 2002:a05:6808:6d5:b0:3c6:ce0:6820 with SMTP id
 5614622812f47-3d1e34a635dmr4522499b6e.35.1717246634078; 
 Sat, 01 Jun 2024 05:57:14 -0700 (PDT)
Received: from localhost.localdomain (dsl-10-130-93.b2b2c.ca. [72.10.130.93])
 by smtp.gmail.com with ESMTPSA id
 6a1803df08f44-6ae4b40660csm14189026d6.85.2024.06.01.05.57.12
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 01 Jun 2024 05:57:13 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: 47144@debbugs.gnu.org
Subject: [PATCH v2 1/3] gnu: ucd: Update to 15.1.0.
Date: Sat,  1 Jun 2024 08:56:47 -0400
Message-ID: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717246609.git.maxim.cournoyer@gmail.com>
X-Mailer: git-send-email 2.41.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>,
 Vivien Kraus <vivien@planete-kraus.eu>,
 Maxim Cournoyer <maxim.cournoyer@gmail.com>, Leo Famulari <leo@famulari.name>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

* gnu/packages/unicode.scm (ucd): Update to 15.1.0.

Change-Id: I0828544c35eef90a8f76c2084362ee4594189244
---

(no changes since v1)

 gnu/packages/unicode.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/unicode.scm b/gnu/packages/unicode.scm
index 23f08a2aab..fe188ed71d 100644
--- a/gnu/packages/unicode.scm
+++ b/gnu/packages/unicode.scm
@@ -77,14 +77,14 @@ (define-public libunibreak
 (define-public ucd
   (package
     (name "ucd")
-    (version "15.0.0")
+    (version "15.1.0")
     (source
      (origin
        (method url-fetch/zipbomb)
        (uri (string-append "https://www.unicode.org/Public/zipped/" version
                            "/UCD.zip"))
        (sha256
-        (base32 "133inqn33hcfvylmps63yjr6rrqrfq6x7a5hr5fd51z6yc0f9gaz"))))
+        (base32 "0xv10nkvg6451415imvb0qx72ljp0hv9f8h1sl6509ir0lync76b"))))
     (build-system copy-build-system)
     (arguments
      '(#:install-plan

base-commit: dc4c48f10281007a0ab3541b8a64198c60c6d5b0
-- 
2.41.0





From debbugs-submit-bounces@debbugs.gnu.org Sat Jun 01 08:58:38 2024
Received: (at 47144) by debbugs.gnu.org; 1 Jun 2024 12:58:38 +0000
Received: from localhost ([127.0.0.1]:55875 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sDOJh-0004i7-BQ
	for submit@debbugs.gnu.org; Sat, 01 Jun 2024 08:58:38 -0400
Received: from mail-ot1-f54.google.com ([209.85.210.54]:48561)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sDOJf-0004hm-Dh
 for 47144@debbugs.gnu.org; Sat, 01 Jun 2024 08:58:36 -0400
Received: by mail-ot1-f54.google.com with SMTP id
 46e09a7af769-6f91c4e88e5so269444a34.1
 for <47144@debbugs.gnu.org>; Sat, 01 Jun 2024 05:58:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717246637; x=1717851437; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=Wd8J//kAZMJ7cTM8ul60r5LsmQQho387ppFiYpWNuW0=;
 b=VV6atuLcBvZxzmzicfmd98m27N+BZNfZXSHoj5OfScjBeHcsQYOI0eUAjCq8veI884
 BVCO1UqeN8gz5dnZsH9cqt6arFH2DIWv4g0/V91/zsQ2PsPyVafiKrOEudlnd3o9eEv0
 Czg8q0+0VUvOqfyd+ZSUU87yzGfDJ87TpnRQA7s7RZHO4kLIScTE3snN3bUpotFzpm2e
 sUrvE6856Ep4QDfObfrTznOPMy/o6D+TC2/0pap7v/KlSEstGBCO7fcH3q4VAZzIsvHE
 twO+WYa6bdbYs9K+dW6b4ddUOhlWcUKaN2/l/o7WAuVMbt2deOd9H09an15Tz+s5XpUO
 Tdgg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717246637; x=1717851437;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=Wd8J//kAZMJ7cTM8ul60r5LsmQQho387ppFiYpWNuW0=;
 b=YK/hOJFeFWo9A5wiGAvu6ZX/gjo3TzjUQ7LznYkRly4VkQXSpYs2M0ghzQ3mBZp5Uv
 Rh07fcGLQIOfsXcblxJzQfJ9lmcNPDfeIugg/qarEoH8HVFaOAjMjxhr1qoNgzi2g7no
 YmfNd+NkuVetYZgOpxa8d43EZaqItY2H/cJvjIgotBtzclF1hRFXIQYa38nQGRYuWDNF
 mO0MkoZhecVoyZ/5nmPh6ZvqzOzDCCD/PHdfUmGYSsRa8ue6tzT5ZDdpiZFInxYxFnXT
 3ItC43WpOXEiHCVjZGwbrayT1YFByNugmmECbbpj7sHMZlVNtxs50kY2rXLf6HqHPs18
 veeA==
X-Gm-Message-State: AOJu0YyApy/i2SXZ7EOWHYQc5A/WS2FjIjF2rHE3iGVvX8eN6/L0H0sp
 WBVPvT6baSrJ7O2iQ7FkNqrabrWoS6bCG7zpAWpEkzp8Cq4gtFOqsbP9uQ==
X-Google-Smtp-Source: AGHT+IHOAvkG3Dh98zp2dsQ8tTyWmB7GQ4LanyNCCASDTtXICuooiwb0xi9fz6AutcsejLu5FAnxUA==
X-Received: by 2002:a05:6808:2789:b0:3c9:92ba:fd0a with SMTP id
 5614622812f47-3d1e35bd322mr4617126b6e.38.1717246636605; 
 Sat, 01 Jun 2024 05:57:16 -0700 (PDT)
Received: from localhost.localdomain (dsl-10-130-93.b2b2c.ca. [72.10.130.93])
 by smtp.gmail.com with ESMTPSA id
 6a1803df08f44-6ae4b40660csm14189026d6.85.2024.06.01.05.57.15
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 01 Jun 2024 05:57:15 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: 47144@debbugs.gnu.org
Subject: [PATCH v2 2/3] gnu: gnulib: Update to 2024-05-30-1.ac4b301.
Date: Sat,  1 Jun 2024 08:56:48 -0400
Message-ID: <c34f058c9534a551b2cdc24cac9c642af14e842c.1717246609.git.maxim.cournoyer@gmail.com>
X-Mailer: git-send-email 2.41.0
In-Reply-To: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717246609.git.maxim.cournoyer@gmail.com>
References: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717246609.git.maxim.cournoyer@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>,
 Vivien Kraus <vivien@planete-kraus.eu>,
 Maxim Cournoyer <maxim.cournoyer@gmail.com>, Leo Famulari <leo@famulari.name>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Also fix the commands, which would fail due to not finding their
implementation scripts.

* gnu/packages/patches/gnulib-bootstrap.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/build-tools.scm (gnulib): Update to 2024-05-30-1.ac4b301.
[source]: Apply patch.
[phases] {patch-source-shebangs, patch-generated-file-shebangs}
{patch-usr-bin-file, restore-shebangs}: Delete phases.
{disable-failing-tests}: Disable sc_error_message_warn_fatal,
sc_prefer_angle_bracket_headers, sc_check_config_h_reminder,
sc_prohibit_sc_omitted_at, sc_readme_link_copying, sc_readme_link_install,
sc_unsigned_char, sc_unsigned_int,  sc_unsigned_long and sc_unsigned_short
checks.
{regenerate-unicode}: Register BidiMirroring.txt unicode data file.

Change-Id: I154b2c5980b671f1e73e7a1f74d926ea080a7aa0
---

(no changes since v1)

 gnu/local.mk                                |  1 +
 gnu/packages/build-tools.scm                | 55 ++++++++-------
 gnu/packages/patches/gnulib-bootstrap.patch | 75 +++++++++++++++++++++
 3 files changed, 107 insertions(+), 24 deletions(-)
 create mode 100644 gnu/packages/patches/gnulib-bootstrap.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 6934d5ccc7..b369127194 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1393,6 +1393,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/gnome-settings-daemon-gc.patch		\
   %D%/packages/patches/gnome-session-support-elogind.patch	\
   %D%/packages/patches/gnome-tweaks-search-paths.patch		\
+  %D%/packages/patches/gnulib-bootstrap.patch			\
   %D%/packages/patches/gnumach-support-noide.patch		\
   %D%/packages/patches/gnupg-default-pinentry.patch		\
   %D%/packages/patches/gnupg-1-build-with-gcc10.patch		\
diff --git a/gnu/packages/build-tools.scm b/gnu/packages/build-tools.scm
index daaf450e70..82abf5b9f1 100644
--- a/gnu/packages/build-tools.scm
+++ b/gnu/packages/build-tools.scm
@@ -13,7 +13,7 @@
 ;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
 ;;; Copyright © 2020, 2023 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2021 qblade <qblade@protonmail.com>
-;;; Copyright © 2021, 2023 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Copyright © 2021, 2023, 2024 Maxim Cournoyer <maxim.cournoyer@gmail.com>
 ;;; Copyright © 2022, 2023 Juliana Sims <juli@incana.org>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -853,12 +853,15 @@ (define*-public (gnulib-checkout #:key
                           ;; FIXME: tests/uniname/HangulSyllableNames.txt
                           ;; seems like a UCD file but it is not distributed
                           ;; with UCD.
-                          "tests/uniwbrk/WordBreakTest.txt")))))))
+                          "tests/uniwbrk/WordBreakTest.txt")))))
+       (patches (search-patches "gnulib-bootstrap.patch"))))
     (build-system copy-build-system)
     (arguments
      (list
       #:install-plan
       #~'(("./gnulib-tool" "bin/")
+          ("./gnulib-tool.py" "bin/")
+          ("./gnulib-tool.sh" "bin/")
           ("." "src/gnulib" #:exclude-regexp ("\\.git.*")))
       #:modules '((ice-9 match)
                   (guix build utils)
@@ -866,6 +869,13 @@ (define*-public (gnulib-checkout #:key
                   ((guix build gnu-build-system) #:prefix gnu:))
       #:phases
       #~(modify-phases %standard-phases
+          ;; Since this package is intended to be used in source form, it
+          ;; should not retain references to tools (with the exception for the
+          ;; commands we install, which should be wrapper for proper
+          ;; execution).
+          (delete 'patch-source-shebangs)
+          (delete 'patch-generated-file-shebangs)
+          (delete 'patch-usr-bin-file)
           (add-before 'install 'check
             (assoc-ref gnu:%standard-phases 'check))
           (add-before 'check 'fix-tests
@@ -889,8 +899,10 @@ (define*-public (gnulib-checkout #:key
   sc_Wundef_boolean \\
   sc_copyright_check \\
   sc_file_system \\
+  sc_error_message_warn_fatal \\
   sc_indent \\
   sc_keep_gnulib_texi_files_mostly_ascii \\
+  sc_prefer_angle_bracket_headers \\
   sc_prohibit_assert_without_use \\
   sc_prohibit_close_stream_without_use \\
   sc_prohibit_defined_have_decl_tests \\
@@ -899,15 +911,22 @@ (define*-public (gnulib-checkout #:key
   sc_prohibit_intprops_without_use \\
   sc_prohibit_openat_without_use \\
   sc_prohibit_test_minus_ao \\
-  sc_unportable_grep_q"))
+  sc_readme_link_copying \\
+  sc_readme_link_install \\
+  sc_unportable_grep_q \\
+  sc_unsigned_char \\
+  sc_unsigned_int \\
+  sc_unsigned_long \\
+  sc_unsigned_short"))
               (substitute* "Makefile"
-                (("sc_check_(sym_list|copyright)" rule)
+                (("sc_check_(sym_list|copyright|config_h_reminder)" rule)
                  (string-append "disabled_check_" rule))
                 (("sc_cpp_indent_check")
                  "disabled_cpp_indent_check")
                 (("sc_prefer_ac_check_funcs_once")
                  "disabled_prefer_ac_check_funcs_once")
-                (("sc_prohibit_(AC_LIBOBJ_in_m4|leading_TABs)" rule)
+                (("sc_prohibit_(AC_LIBOBJ_in_m4|leading_TABs\
+|sc_omitted_at)" rule)
                  (string-append "disabled_prohibit_" rule)))))
           (add-before 'check 'regenerate-unicode
             (lambda* (#:key inputs #:allow-other-keys)
@@ -939,7 +958,8 @@ (define*-public (gnulib-checkout #:key
                              (sha256
                               (base32
                                "0k6wyijyzdl5g3nibcwfm898kfydx1pqaz28v7fdvnzdvd5fz7lh"))))
-                        (find-ucd-files "EastAsianWidth.txt"
+                        (find-ucd-files "BidiMirroring.txt"
+                                        "EastAsianWidth.txt"
                                         "LineBreak.txt"
                                         "auxiliary/WordBreakProperty.txt"
                                         "auxiliary/GraphemeBreakProperty.txt"
@@ -962,22 +982,9 @@ (define*-public (gnulib-checkout #:key
                    ("NormalizationTest.txt" . "uninorm")
                    ("auxiliary/GraphemeBreakTest.txt" . "unigbrk")
                    ("auxiliary/WordBreakTest.txt" . "uniwbrk")))
-                (delete-file "gen-uni-tables"))))
-          (add-after 'install 'restore-shebangs
-            (lambda _
-              (substitute* (find-files
-                            (string-append #$output "/src/gnulib")
-                            (lambda (fname stat)
-                              (and (not (string-suffix? "/lib/javaversion.class" fname))
-                                   (not (string-suffix? ".mo" fname)))))
-                (("^#! ?(.*)/bin/sh" _ prefix)
-                 "#!/bin/sh")
-                (("^#! ?(.*)/bin/python3" _ prefix)
-                 "#!/usr/bin/env python3")
-                (("^#! ?(.*)/bin/([a-zA-Z0-9-]+)" _ prefix program)
-                 (string-append "#!/usr/bin/" program))))))))
+                (delete-file "gen-uni-tables")))))))
     (inputs
-     (list bash-minimal))                         ;shebang for gnulib-tool
+     (list bash-minimal)) ;shebang for gnulib-tool
     (native-inputs
      (list
       bash-minimal python perl clisp
@@ -1005,9 +1012,9 @@ (define*-public (gnulib-checkout #:key
 
 (define-public gnulib
   (gnulib-checkout
-   #:version "2022-12-31"
-   #:commit "875461ffdf58ac04677957b4ae4160465b83b940"
-   #:hash (base32 "0bf7a6wdns9c5wwv60qfcn9llg0j6jz5ryd2qgsqqx2i6xkmp77c")))
+   #:version "2024-05-30"
+   #:commit "ac4b301ae15223c98b51cd5a0eda2e2cf57c817b"
+   #:hash (base32 "0f4w56fc97clg13mmdghx84dh9xqmaqr3j672ppfh3h66gmmmvzs")))
 
 (define-public pdpmake
   (package
diff --git a/gnu/packages/patches/gnulib-bootstrap.patch b/gnu/packages/patches/gnulib-bootstrap.patch
new file mode 100644
index 0000000000..c0c9a5e732
--- /dev/null
+++ b/gnu/packages/patches/gnulib-bootstrap.patch
@@ -0,0 +1,75 @@
+From adbf7ce2c2b03ce5ee25d4c68f9bb247b0dcbc2b Mon Sep 17 00:00:00 2001
+From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
+Date: Thu, 30 May 2024 14:48:04 -0400
+Subject: [PATCH] bootstrap: Use gnulib-tool from PATH if available.
+
+Some distributions such as GNU Guix include in their package for
+gnulib a 'gnulib-tool' command under their $bindir
+prefix (e.g. '/bin') for users to use, along the unmodified full
+sources.  The idea is that any wrapping or distribution modifications
+for the *execution* of the script at run time is done on these
+commands, while the rest of the source should be in their
+pristine (unmodified) version.  Adjust the 'gnulib-tool' discovery
+mechanism to support such installation layout.
+
+* build-aux/bootstrap (autogen) <gnulib_tool>: Prefer to use from
+PATH, else from $GNULIB_SRCDIR/../../bin/gnulib-tool, else from
+$GNULIB_SRCDIR/gnulib-tool.
+* gnulib-tool.sh (func_gnulib_dir): Honor GNULIB_SRCDIR to locate
+gnulib's main directory.
+---
+ build-aux/bootstrap | 11 +++++++++--
+ gnulib-tool.sh      |  6 +++++-
+ 2 files changed, 14 insertions(+), 3 deletions(-)
+
+diff --git a/build-aux/bootstrap b/build-aux/bootstrap
+index 6295b8a128..06271eea8b 100755
+--- a/build-aux/bootstrap
++++ b/build-aux/bootstrap
+@@ -3,7 +3,7 @@
+ 
+ # Bootstrap this package from checked-out sources.
+ 
+-scriptversion=2024-04-13.15; # UTC
++scriptversion=2024-05-30.20; # UTC
+ 
+ # Copyright (C) 2003-2024 Free Software Foundation, Inc.
+ #
+@@ -1164,7 +1164,14 @@ autogen()
+   fi
+ 
+   if $use_gnulib; then
+-    gnulib_tool=$GNULIB_SRCDIR/gnulib-tool
++    gnulib_tool=$(command -v gnulib-tool)
++    if test -x "$gnulib_tool"; then
++      :                         # done
++    elif test -x $GNULIB_SRCDIR/../../bin/gnulib-tool; then
++      gnulib_tool=$GNULIB_SRCDIR/../../bin/gnulib-tool
++    else
++      gnulib_tool=$GNULIB_SRCDIR/gnulib-tool
++    fi
+     <$gnulib_tool || return
+   fi
+ 
+diff --git a/gnulib-tool.sh b/gnulib-tool.sh
+index 12f0b82461..0aefbe2b2b 100755
+--- a/gnulib-tool.sh
++++ b/gnulib-tool.sh
+@@ -518,7 +518,11 @@ func_gnulib_dir ()
+       * ) self_abspathname=`echo "$self_abspathname" | sed -e 's,/[^/]*$,,'`/"$linkval" ;;
+     esac
+   done
+-  gnulib_dir=`echo "$self_abspathname" | sed -e 's,/[^/]*$,,'`
++  if test -n "$GNULIB_SRCDIR"; then
++    gnulib_dir=$GNULIB_SRCDIR
++  else
++    gnulib_dir=`echo "$self_abspathname" | sed -e 's,/[^/]*$,,'`
++  fi
+ }
+ 
+ # func_tmpdir
+
+base-commit: ac4b301ae15223c98b51cd5a0eda2e2cf57c817b
+-- 
+2.41.0
+
-- 
2.41.0





From debbugs-submit-bounces@debbugs.gnu.org Sat Jun 01 08:58:41 2024
Received: (at 47144) by debbugs.gnu.org; 1 Jun 2024 12:58:41 +0000
Received: from localhost ([127.0.0.1]:55878 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sDOJl-0004iR-9E
	for submit@debbugs.gnu.org; Sat, 01 Jun 2024 08:58:41 -0400
Received: from mail-ot1-f50.google.com ([209.85.210.50]:48374)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sDOJi-0004hp-1i
 for 47144@debbugs.gnu.org; Sat, 01 Jun 2024 08:58:39 -0400
Received: by mail-ot1-f50.google.com with SMTP id
 46e09a7af769-6f8e9d4dff3so1869455a34.0
 for <47144@debbugs.gnu.org>; Sat, 01 Jun 2024 05:58:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717246639; x=1717851439; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=AEm6y6j+YVcyrI4JxP0l1uybH6IWygZEl8tfYA7Li3Y=;
 b=WjRmQqbmttEAYsmyim5vmWyLih75Xn44Ahfw5Jpa4nY3PY6HfmHKMexbVt43+IU2lj
 nrK5Sk/xwo/kas7sdOCtNdM5VfYBtvqbInqAApRJR2i2pNuM+pPvkcwqbYO/uKMCaTbg
 jr2J9E4EbYERx0/5qXH7VTXbH5Ja4XDz4aMeD6MnTNdiGdMOed0G9EgHd8VpbXFRKXhj
 uS+EInqUcck0dcU2jSTUtG1zoJKHRbV0QDxx/kAbpi+Ld7N7xHO3xWIbRqkLVT9Ts5DZ
 2qsHmLqpZijnnJYAFZ29C5ULto+XBGohZ8ALt99U132TI05wf4MhgnX+HiKqG/z4HaHD
 VQ3g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717246639; x=1717851439;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=AEm6y6j+YVcyrI4JxP0l1uybH6IWygZEl8tfYA7Li3Y=;
 b=eJfGMVr8wy7pj8UqkCpIVWaOHMqJ1GJ4SC/6mCN4NnvCa71rZWcUmhHqZdmj0PToBk
 Yvaa4vj1Eo3SQKJoK5eF8HdfyY3zufqwhkYm/1xQN11PvF8tRvpxqe/t/lI+oTDqMWA9
 4FRq8FnM8K9ADP0hFxy8QDizRztkY8x0awwUh6Dt/AEVYJnvUteWcmwotyVQ0HyDMU+O
 iSfsQDLU4oJqXNPqqfKyPmdKECA4DYCcVe8yOMyhYsHOehYAf4vq6Gz2ABbv6iii1WaH
 VB9IzqlZfr5gy3eVYt7SmLf0HuYZebIM5pbaZDYrm/lj7LeHSglR5TU3A+t7fQJFuG83
 vz7A==
X-Gm-Message-State: AOJu0Yzfg8GT+oj1EoXqkLsUL1ZwnvDU2lxJqV+H3Bw/VvpSRgYjmrBq
 EzJZ554RQHfB6KcGb93KDW4a+EyhzzvQ1lOm13d4zcZ1qTC82YSLTS90uw==
X-Google-Smtp-Source: AGHT+IHNvvRiYhE8JI5Ydq5KcUNpyIPx6dg2C4GLo4Zl1gq0H1WkrRWz74CQxvKR2ZFuYPpSQhx9nQ==
X-Received: by 2002:a05:6808:2389:b0:3ca:b21a:7936 with SMTP id
 5614622812f47-3d1e347739fmr5606264b6e.3.1717246638739; 
 Sat, 01 Jun 2024 05:57:18 -0700 (PDT)
Received: from localhost.localdomain (dsl-10-130-93.b2b2c.ca. [72.10.130.93])
 by smtp.gmail.com with ESMTPSA id
 6a1803df08f44-6ae4b40660csm14189026d6.85.2024.06.01.05.57.17
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 01 Jun 2024 05:57:18 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: 47144@debbugs.gnu.org
Subject: [PATCH v2 3/3] gnu: patch: Graft to latest commit [security fixes].
Date: Sat,  1 Jun 2024 08:56:49 -0400
Message-ID: <fa71e5023e26c025307a2a11be911e4b008580d7.1717246609.git.maxim.cournoyer@gmail.com>
X-Mailer: git-send-email 2.41.0
In-Reply-To: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717246609.git.maxim.cournoyer@gmail.com>
References: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717246609.git.maxim.cournoyer@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
X-Debbugs-Cc: Ludovic Courtès <ludo@gnu.org>
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Mark H Weaver <mhw@netris.org>,
 =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>,
 Vivien Kraus <vivien@planete-kraus.eu>,
 Maxim Cournoyer <maxim.cournoyer@gmail.com>, Leo Famulari <leo@famulari.name>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

* gnu/packages/base.scm (patch/fixed): New variable.
(patch) [replacement]: Graft with the above.

Fixes: https://issues.guix.gnu.org/47144
Reported-by: Mark H Weaver <mhw@netris.org>
Change-Id: I54ae41b735f5ba0ebad30ebdfaabe0ccdc3f9873
---

Changes in v2:
 - Use same version to have the same store length, a graft requirement
 - Copy the gnulib source in a phase to avoid introducing a dependency cycle

 gnu/packages/base.scm | 52 ++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 51 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index bbe5b8cf57..45dbf77817 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -19,7 +19,7 @@
 ;;; Copyright © 2021 Leo Le Bouter <lle-bout@zaclys.net>
 ;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
 ;;; Copyright © 2021 Guillaume Le Vaillant <glv@posteo.net>
-;;; Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Copyright © 2021, 2024 Maxim Cournoyer <maxim.cournoyer@gmail.com>
 ;;; Copyright © 2022 zamfofex <zamfofex@twdb.moe>
 ;;; Copyright © 2022 John Kehayias <john.kehayias@protonmail.com>
 ;;; Copyright © 2023 Josselin Poiret <dev@jpoiret.xyz>
@@ -46,8 +46,10 @@ (define-module (gnu packages base)
   #:use-module (gnu packages acl)
   #:use-module (gnu packages algebra)
   #:use-module (gnu packages attr)
+  #:use-module (gnu packages autotools)
   #:use-module (gnu packages bash)
   #:use-module (gnu packages bison)
+  #:use-module (gnu packages build-tools)
   #:use-module (gnu packages gcc)
   #:use-module (gnu packages guile)
   #:use-module (gnu packages multiprecision)
@@ -263,6 +265,7 @@ (define-public tar
 
 (define-public patch
   (package
+    (replacement patch/fixed)
     (name "patch")
     (version "2.7.6")
     (source (origin
@@ -291,6 +294,53 @@ (define-public patch
     (license gpl3+)
     (home-page "https://savannah.gnu.org/projects/patch/")))
 
+(define patch/fixed
+  ;; The latest release is from 2018, and lacks multiple security related
+  ;; patches.  Since Fedora carries 23 patches, simply use the latest commit
+  ;; until a proper release is made.
+  (let ((revision "0")
+        (commit "f144b35425d9d7732ea5485034c1a6b7a106ab92"))
+    (package
+      (inherit patch)
+      (name "patch")
+      ;; TODO: Uncomment when ungrafting.
+      ;;(version (git-version "2.7.6" revision commit))
+      (source (origin
+                (inherit (package-source patch))
+                (method git-fetch)
+                (uri (git-reference
+                      (url "https://git.savannah.gnu.org/git/patch.git")
+                      (commit commit)))
+                ;; TODO: Uncomment when ungrafting and using the above
+                ;; 'git-version'-computed version.
+                ;;(file-name (git-file-name name version))
+                (sha256
+                 (base32
+                  "1bk38169c0xh01b0q0zmnrjqz8k9byz3arp4q7q66sn6xwf94nvz"))))
+      (arguments
+       (substitute-keyword-arguments (package-arguments patch)
+         ((#:phases phases '%standard-phases)
+          #~(modify-phases #$phases
+              (add-after 'unpack 'copy-gnulib-sources
+                (lambda _
+                  ;; XXX: We copy the source instead of using 'gnulib' as a
+                  ;; native input to avoid introducing a dependency cycle with.
+                  (copy-recursively #+gnulib "gnulib")
+                  (setenv "GNULIB_SRCDIR"
+                          (string-append (getcwd) "/gnulib/src/gnulib"))))
+              (add-after 'copy-gnulib-sources 'update-bootstrap-script
+                (lambda _
+                  (copy-file "gnulib/src/gnulib/build-aux/bootstrap"
+                             "bootstrap")))
+              (add-after 'unpack 'patch-configure.ac
+                (lambda _
+                  (substitute* "configure.ac"
+                    ;; The gnulib-provided git-version-gen script has a plain
+                    ;; shebang of #!/bin/sh; avoid using it.
+                    (("build-aux/git-version-gen" all)
+                     (string-append "sh " all)))))))))
+      (native-inputs (list autoconf automake bison ed)))))
+
 (define-public diffutils
   (package
    (name "diffutils")
-- 
2.41.0





From debbugs-submit-bounces@debbugs.gnu.org Sat Jun 01 10:33:18 2024
Received: (at 47144) by debbugs.gnu.org; 1 Jun 2024 14:33:18 +0000
Received: from localhost ([127.0.0.1]:57003 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sDPnK-0007TT-55
	for submit@debbugs.gnu.org; Sat, 01 Jun 2024 10:33:18 -0400
Received: from eggs.gnu.org ([209.51.188.92]:46246)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1sDPnI-0007TH-Lw
 for 47144@debbugs.gnu.org; Sat, 01 Jun 2024 10:33:17 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@gnu.org>)
 id 1sDPn0-0004uu-AB; Sat, 01 Jun 2024 10:32:58 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
 s=fencepost-gnu-org; h=MIME-Version:Date:References:In-Reply-To:Subject:To:
 From; bh=LuWriuI58YGLJcHQegruBgkwb5hFLgQSAjfXUiR9uBw=; b=S7uPGoRO+xBMccfJaV3L
 Hk2P1LNl7n2LraMvp0amaTOSLUHp0OnuuPwKR6QK30pSPlaICJUgktqoEwUprNNQxCq90A6M+4Szx
 LV7lV89c+A6XjZSrHrX1bq30AnCmgAPAouXi22lHaTSDNpCZ08YaV0MOHTQPc1sy2qSIHk3thFuye
 VGp3QLUI69qtxyfKviSOtt2mMHUl/wODw/kXD6Q5DAR2OrMtvFIWxvDllsT8hNUo2CBvzEnwhjFBk
 71uzWEQlEpqL8MSy25OWoH4a+YGnOr47pw6YCDm7Hz4h4MV3wpSbvTcu+UJmG8STvvzU3LPqO6eBj
 2Ey4/on5hze0JQ==;
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
To: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Subject: Re: [PATCH 3/3] gnu: patch: Graft to latest commit [security fixes].
In-Reply-To: <5eda21a09360653b198f1b0d7f52cf531dc97485.1717124361.git.maxim.cournoyer@gmail.com>
 (Maxim Cournoyer's message of "Thu, 30 May 2024 22:59:21 -0400")
References: <28b457771ab0e7ad87cb65600a5898f68be5074a.1717124361.git.maxim.cournoyer@gmail.com>
 <5eda21a09360653b198f1b0d7f52cf531dc97485.1717124361.git.maxim.cournoyer@gmail.com>
X-URL: http://www.fdn.fr/~lcourtes/
X-Revolutionary-Date: Quartidi 14 Prairial an 232 de la =?utf-8?Q?R=C3=A9v?=
 =?utf-8?Q?olution=2C?= jour de l'Acacia
X-PGP-Key-ID: 0x090B11993D9AEBB5
X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc
X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
X-OS: x86_64-pc-linux-gnu
Date: Sat, 01 Jun 2024 16:32:55 +0200
Message-ID: <87r0dgn36w.fsf@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 47144
Cc: Mark H Weaver <mhw@netris.org>, Leo Famulari <leo@famulari.name>,
 Vivien Kraus <vivien@planete-kraus.eu>, 47144@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Hi Maxim,

Maxim Cournoyer <maxim.cournoyer@gmail.com> skribis:

>  (define-public patch
>    (package
> +    (replacement patch/fixed)

Unless I=E2=80=99m mistaken, this will have practically no effect because P=
atch
is a build-time-only dependency.

My recommendation would be to not add a =E2=80=98replacement=E2=80=99 field=
 at all.
Instead, you could add a new =E2=80=98patch/latest=E2=80=99 public variable=
 pointing to
that commit that you picked.  That way, users running =E2=80=98guix install
patch=E2=80=99 or similar will get the latest version of Patch.

On the next =E2=80=98core-packages-team=E2=80=99 cycle, we=E2=80=99d update=
 Patch to refer to
that commit.

WDYT?

Ludo=E2=80=99.




From debbugs-submit-bounces@debbugs.gnu.org Sat Jun 01 11:04:11 2024
Received: (at 47144) by debbugs.gnu.org; 1 Jun 2024 15:04:11 +0000
Received: from localhost ([127.0.0.1]:57085 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sDQHD-0002e9-8D
	for submit@debbugs.gnu.org; Sat, 01 Jun 2024 11:04:11 -0400
Received: from mail-qk1-f173.google.com ([209.85.222.173]:46453)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sDQHB-0002dv-9L
 for 47144@debbugs.gnu.org; Sat, 01 Jun 2024 11:04:10 -0400
Received: by mail-qk1-f173.google.com with SMTP id
 af79cd13be357-794c3946468so218300485a.1
 for <47144@debbugs.gnu.org>; Sat, 01 Jun 2024 08:03:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717254172; x=1717858972; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:user-agent:message-id:date
 :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=BCw8gEREcDWX/BAFi8wHItPGSrCCpMVLSNe5av+T5sY=;
 b=U7UOoRXFhfRxjgLbS8ZzcAh2vg+QvkuxEMsKDrYDEc53YA5QRuIm3mPcZd1O5DxCNv
 VDzHBgSfvrjAXK5b413EoX2zDfheH46+gt8ggSQ7iEw2h6FJRL4az4n6JLiEY1d6wfhf
 XwPV5m9hwrjmPgjZ52193dC5OgZ4yOSoLB5qJbyHDc2TTiveVlttoP4xw4fIPs6eZXF7
 0c/Zi/R8rPYW1viMrH4M/vUldBBLzJG8/xc+XCWd6W0KAPkUOh3ik2Wp8ZbKuhkdOZmo
 VwQR/vUUNgkZzNQs3/Sk7MEIAYIddUiQIbGdE2hf3apUCk6IShoVdUUpeTY+uI09vPA4
 tHrw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717254172; x=1717858972;
 h=content-transfer-encoding:mime-version:user-agent:message-id:date
 :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=BCw8gEREcDWX/BAFi8wHItPGSrCCpMVLSNe5av+T5sY=;
 b=NwMxb5FqGisRj2AP6EiOxk7MH58zNqP/O+s308QNvfAuXqvrIyTODMO9IYmAEp9MWb
 Gmu2mVrDbPZ9nJElP091zKZGJP2M5EaA1QDWUECTbDua8fErUeGBd2BTeAo/Av1Pvdvc
 Nq9Mike2epR9PpuJ3qrEMxCSaTxi2IWeFfGQKfuw+mvZwwh4+zdi/5/IQdME5WFfhTkU
 9J1xzQXKSMLUIC8/FfTDj0GtPrJAr/TBzmedHU5rC3K1l1KjzZE8ybtSJylsfVh4FDKM
 a5blMzyJ0xJRvd4+0booDOrBKzlO+i4H6Kv3/tGQHan2AoNLmaAUQwmr/XK2F7Um0WqA
 3Q+Q==
X-Gm-Message-State: AOJu0YzU3HQf/oF0hAWE6ZF67Vqwe+2Ypa2NcLeumhK3lg4hAJ8KHi3o
 654mUTgN3ZIOva8k65swmuyJ3P25hM16i1toy26A4fMZ83giUQkS
X-Google-Smtp-Source: AGHT+IGZShCRmURx1QcdyFE1Irn23PJogCXNZjBJ2clHNs6S8UOnIyUiwyiQx4iOj291pj4LItDykQ==
X-Received: by 2002:a37:e10b:0:b0:794:f011:7a3a with SMTP id
 af79cd13be357-794f5ba9aedmr503473085a.0.1717254171605; 
 Sat, 01 Jun 2024 08:02:51 -0700 (PDT)
Received: from hurd (dsl-10-130-93.b2b2c.ca. [72.10.130.93])
 by smtp.gmail.com with ESMTPSA id
 af79cd13be357-794f2f136fbsm138695285a.53.2024.06.01.08.02.50
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 01 Jun 2024 08:02:51 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@gnu.org>
Subject: Re: [PATCH 3/3] gnu: patch: Graft to latest commit [security fixes].
In-Reply-To: <87r0dgn36w.fsf@gnu.org> ("Ludovic =?utf-8?Q?Court=C3=A8s=22'?=
 =?utf-8?Q?s?= message of "Sat, 01 Jun 2024 16:32:55 +0200")
References: <28b457771ab0e7ad87cb65600a5898f68be5074a.1717124361.git.maxim.cournoyer@gmail.com>
 <5eda21a09360653b198f1b0d7f52cf531dc97485.1717124361.git.maxim.cournoyer@gmail.com>
 <87r0dgn36w.fsf@gnu.org>
Date: Sat, 01 Jun 2024 11:02:49 -0400
Message-ID: <875xusln8m.fsf@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Mark H Weaver <mhw@netris.org>, Leo Famulari <leo@famulari.name>,
 Vivien Kraus <vivien@planete-kraus.eu>, 47144@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi Ludovic,

Ludovic Court=C3=A8s <ludo@gnu.org> writes:

> Hi Maxim,
>
> Maxim Cournoyer <maxim.cournoyer@gmail.com> skribis:
>
>>  (define-public patch
>>    (package
>> +    (replacement patch/fixed)
>
> Unless I=E2=80=99m mistaken, this will have practically no effect because=
 Patch
> is a build-time-only dependency.
>
> My recommendation would be to not add a =E2=80=98replacement=E2=80=99 fie=
ld at all.
> Instead, you could add a new =E2=80=98patch/latest=E2=80=99 public variab=
le pointing to
> that commit that you picked.  That way, users running =E2=80=98guix insta=
ll
> patch=E2=80=99 or similar will get the latest version of Patch.

I see what you mean, but for all practical purposes, using a graft seems
a more thorough (because it affects the original 'patch' *variable* as
well) means that have the same effect for users, so I'd seems like a
slightly better option to me.

So e.g. someone using the Guix API referencing exactly to the 'patch'
package variable would get a secure version, but would otherwise need to
know to adjust their code to use 'patch/latest'.

Does that make sense?

--=20
Thanks,
Maxim




From debbugs-submit-bounces@debbugs.gnu.org Tue Jun 04 13:40:37 2024
Received: (at 47144) by debbugs.gnu.org; 4 Jun 2024 17:40:37 +0000
Received: from localhost ([127.0.0.1]:41428 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sEY9F-0002zd-C3
	for submit@debbugs.gnu.org; Tue, 04 Jun 2024 13:40:37 -0400
Received: from mail-wm1-f48.google.com ([209.85.128.48]:41001)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <zimon.toutoune@gmail.com>) id 1sEY9C-0002zI-5j
 for 47144@debbugs.gnu.org; Tue, 04 Jun 2024 13:40:36 -0400
Received: by mail-wm1-f48.google.com with SMTP id
 5b1f17b1804b1-421547faa0eso726565e9.0
 for <47144@debbugs.gnu.org>; Tue, 04 Jun 2024 10:40:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717522755; x=1718127555; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:message-id:date:references
 :in-reply-to:subject:cc:to:from:from:to:cc:subject:date:message-id
 :reply-to; bh=Yp+r4ynYO2IpntdD7+BoMD3+J21D+IkxDq7Cran0r7I=;
 b=HiDjc54NA7Sk7uvcJeRXPA3CBCyE+WL/X//hwEl179KfaYz1OD241sCv2xhyDal/Rg
 +eYvjl8ZD60/nvc+YYuq8grBYOICrnF0vjewjS+egPEiM23akEvfY4BpGLYRtzUsoyrt
 G2SSQhIVDEefmGzRP3IuDl0fUHB9LKjsjqI4SWr2eLdTFINdoiRKlWDkLhhi5wKbLrpe
 cZC1+GXbp1CxsbgyaHJrZ5oLXrA26LmyLCdhTTlECC2q/eiEX+oaUyGqppGb10Ysip5/
 PxSFeTDav5yjf1/No3C/368DbU4+qYEtm7rZW+g3je1VYVRD3jIsoGsOrJeCrT/whug/
 hh5w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717522755; x=1718127555;
 h=content-transfer-encoding:mime-version:message-id:date:references
 :in-reply-to:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=Yp+r4ynYO2IpntdD7+BoMD3+J21D+IkxDq7Cran0r7I=;
 b=LdMyIfrelrN3iksTYzSJYplz+YteKNM1aIIuBPqTJVzxo0JGcUecSBWJxZ7dH3LCkD
 pKaQaZmetJsz3YO70PA8906j5Ty58sh46E5U7f6llR2Eprxt0Mxwzj2yJfQV+tHBXinl
 MD1BoN6blLWwZdWf6ofwkj2M1ATev8CE8gUoqvnfxIsb+3+FJhDwKoQLrdIKk2vIbbgo
 7+dkc9JzfpzjkWmBt/4jCOU4phD3Fmywx/+a0GC1W5f61h/BB5xviUJ+Er43kkatvDuH
 bpj7gUX+D1/umO0cKskniBZKF3XBpyrChLooAz2WJ+fH/ameOwqbUoEuhZUNZpBElz6J
 cG/A==
X-Forwarded-Encrypted: i=1;
 AJvYcCUkcig4IF9cSiH6/Zjir4OppBhIJmQc1UT2DflAlesus6haRSmFDncbKxtfL4xXoeJSN3sd3OlFJTui79Uh56m2RycXLyw=
X-Gm-Message-State: AOJu0Yx04p4Y1vG3+dSyRJN9Dw/7L5jGxM2T/T7WkErZnu2bku28kNAf
 mrUiU+RY7tP8Ocu5U3LYJMSIfpyAZYkXSVhj9J5XiEjPCKLT39PjNYZMxg==
X-Google-Smtp-Source: AGHT+IElefNWfx1OknkeSkk6lwELAqNMs7bbeG5ERMVA+BWO0SgXqUXzrhYbkZA0B/gldLVaAqVr7Q==
X-Received: by 2002:a05:600c:3c8d:b0:421:2c02:9779 with SMTP id
 5b1f17b1804b1-42156357fddmr2084965e9.4.1717522754411; 
 Tue, 04 Jun 2024 10:39:14 -0700 (PDT)
Received: from lili (roam-nat-fw-prg-194-254-61-47.net.univ-paris-diderot.fr.
 [194.254.61.47]) by smtp.gmail.com with ESMTPSA id
 5b1f17b1804b1-4213a74f6dcsm99032445e9.18.2024.06.04.10.39.13
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 04 Jun 2024 10:39:14 -0700 (PDT)
From: Simon Tournier <zimon.toutoune@gmail.com>
To: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Subject: Re: bug#47144: [PATCH 3/3] gnu: patch: Graft to latest commit
 [security fixes].
In-Reply-To: <87ikytctzo.fsf@gmail.com>
References: <28b457771ab0e7ad87cb65600a5898f68be5074a.1717124361.git.maxim.cournoyer@gmail.com>
 <5eda21a09360653b198f1b0d7f52cf531dc97485.1717124361.git.maxim.cournoyer@gmail.com>
 <87zfs62c4z.fsf@gmail.com> <87ikytctzo.fsf@gmail.com>
Date: Tue, 04 Jun 2024 17:39:57 +0200
Message-ID: <87le3kyawi.fsf@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Mark H Weaver <mhw@netris.org>,
 Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@gnu.org>, 47144@debbugs.gnu.org,
 Vivien Kraus <vivien@planete-kraus.eu>, Leo Famulari <leo@famulari.name>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi Maxim,

On Fri, 31 May 2024 at 21:49, Maxim Cournoyer <maxim.cournoyer@gmail.com> w=
rote:

> I preferred inheritance to avoid having to manually sync things in the
> long run... (hopefully the graft gets ungrafted before 'patch' amasses
> new phatces, but we never know...)

What would be the long run? ;-)

Well, from my perspective, there is nothing to manually sync in the
future.

I mean, the only patch applied to release =E2=80=9C2.7.6=E2=80=9D will be s=
till required
for patch/fixed; hence one will need to do what I am proposing if
=E2=80=99patch=E2=80=99 is removed.  Else if =E2=80=99patch=E2=80=99 receiv=
es some security fixes, then
it seems expected to assume that the fix will be included in the latest
patch (here =E2=80=99patch/fixed=E2=80=99).  Last, please note that =E2=80=
=99patch=E2=80=99 is barely
modified.

--8<---------------cut here---------------start------------->8---
$ git log --format=3D"%cd %s" -- gnu/packages/base.scm | grep 'gnu: patch'
Thu May 30 11:35:13 2024 -0400 gnu: patch: Fix indentation.
Sun Apr 22 22:40:48 2018 +0200 gnu: patch: Work around a cross-compilation =
issue.
Wed Mar 14 22:11:34 2018 +0100 gnu: patch: Update to 2.7.6.
Fri Jun 12 15:46:25 2015 +0300 gnu: patch: Set PATH_MAX for Hurd systems.
Mon Mar 9 22:56:50 2015 -0400 gnu: patch: Update to 2.7.5.
Sat Mar 7 20:34:50 2015 -0500 Revert "gnu: patch: Update to 2.7.5."
Sun Mar 8 00:32:11 2015 +0100 gnu: patch: Update to 2.7.5.
Wed Feb 11 11:23:46 2015 +0100 gnu: patch: Update to 2.7.4.
Fri Feb 6 13:53:28 2015 +0100 gnu: patch: Add 2.7.4 and make it a replaceme=
nt for the default one.
Sat Apr 27 00:23:19 2013 +0200 gnu: patch: Update to 2.7.1.
--8<---------------cut here---------------end--------------->8---

I still think that it eases to have the patch close to the source
instead of coming from inheritance. Anyway. :-)

Cheers,
simon




From debbugs-submit-bounces@debbugs.gnu.org Tue Jun 04 21:09:38 2024
Received: (at 47144) by debbugs.gnu.org; 5 Jun 2024 01:09:38 +0000
Received: from localhost ([127.0.0.1]:40027 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sEf9m-0006Vd-11
	for submit@debbugs.gnu.org; Tue, 04 Jun 2024 21:09:38 -0400
Received: from mail-oo1-f45.google.com ([209.85.161.45]:54430)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sEf9l-0006VH-2z
 for 47144@debbugs.gnu.org; Tue, 04 Jun 2024 21:09:37 -0400
Received: by mail-oo1-f45.google.com with SMTP id
 006d021491bc7-5b52b0d0dfeso3110136eaf.0
 for <47144@debbugs.gnu.org>; Tue, 04 Jun 2024 18:09:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717549696; x=1718154496; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:user-agent:message-id:date
 :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=/a/1hIiU717O6F/0KPKpYd1+Fd2zpO/D1/t2IJhinJ8=;
 b=l5N1Sp9WtNmkAbngCJLwcs3IJHFWsfM73pWzN42wGTYjFP6O6Ek7S6db496NKNTlbT
 7Z20k0ivMS4nCBUVfTsdSeTjhOAs1sEXdnGlO+7i9OXy9QTymLU5BYBi5l6tBKGIYG6h
 CbVDbonD2Jysyr0C92Mb0zVAE6yDO1njV4xPyXH8N1rIqzMUzawrJtonEkCzqX5awA+H
 wQkKOSyW/FB0qBlwyVpu1bs46hW0f0oRbRLTsDPneOWDsWpFCHiQPya3/TbHhD6OGbCs
 beEC6PqgKklPqk7JqkQZ1IX34BE9RST/1eIhXGI8NjrTNOnqB7WY+Jabg95dMMGuMio7
 5V8g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717549696; x=1718154496;
 h=content-transfer-encoding:mime-version:user-agent:message-id:date
 :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=/a/1hIiU717O6F/0KPKpYd1+Fd2zpO/D1/t2IJhinJ8=;
 b=ByFz/rrYPA4kY38cTRQyyLfoc+DFP5pwfP2i0VMc7VaPQjLhXtos4OmDAHiADi9DMq
 +ZHldzTJDEmwNRDmo5TB675MaDGB9Fqu4Q5BxZyrHdOZDSXBnwlD6gxEKo0uNlT/7H1x
 +xrWi8GXY8OqecInw1vVb7WZDGNDs8tn0dpi5rpPFPJKPXq2SgZsMe7gfjkwHEt9Qu7T
 vP+E8DhHHMXVZxTYqe9KPcTVYgEF9a2c/MPy1iuhkAfqeSAZ6WSlDx/0nceKHrHFb+QA
 bAITBFw1B4TkJDQ4a/ZMKWwg8jt+WSwmntumVEpxZbPyEWbkaO8RmWzah50B504780Tn
 gQDQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCVH6TomXbTMwyZXBSXUv4OXjjk/uslBzH+v3IydlplkdnmzN9tluy2I/R9N8t5wrIM6/S58gqJBuUHeyxvlzzm3xcI6sqU=
X-Gm-Message-State: AOJu0Yz2wypoxKRj0ofI5G2Rn9Vp74P/kzDenoO0l9Zh5QEa81nAO9TE
 7QWGzVOpt942qNsoqVAC99s2uXb8qMXZJ3hx2epKmFXdqEI6Xk7aPJI7HrUI
X-Google-Smtp-Source: AGHT+IG2tQU1nztOp8IzlO+B757uKfrzPjV+gStbqxj2SivZPaEr/uWkjb6dcY0GNa+xRnbaARNIgw==
X-Received: by 2002:a05:6870:724f:b0:24f:cddc:ccff with SMTP id
 586e51a60fabf-251227192femr1299013fac.21.1717549696368; 
 Tue, 04 Jun 2024 18:08:16 -0700 (PDT)
Received: from hurd (dsl-154-1.b2b2c.ca. [66.158.154.1])
 by smtp.gmail.com with ESMTPSA id
 af79cd13be357-795232c2858sm33081585a.90.2024.06.04.18.08.15
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 04 Jun 2024 18:08:15 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: Simon Tournier <zimon.toutoune@gmail.com>
Subject: Re: bug#47144: [PATCH 3/3] gnu: patch: Graft to latest commit
 [security fixes].
In-Reply-To: <87le3kyawi.fsf@gmail.com> (Simon Tournier's message of "Tue, 04
 Jun 2024 17:39:57 +0200")
References: <28b457771ab0e7ad87cb65600a5898f68be5074a.1717124361.git.maxim.cournoyer@gmail.com>
 <5eda21a09360653b198f1b0d7f52cf531dc97485.1717124361.git.maxim.cournoyer@gmail.com>
 <87zfs62c4z.fsf@gmail.com> <87ikytctzo.fsf@gmail.com>
 <87le3kyawi.fsf@gmail.com>
Date: Tue, 04 Jun 2024 21:08:14 -0400
Message-ID: <87plsw42o1.fsf@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Mark H Weaver <mhw@netris.org>,
 Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@gnu.org>, 47144@debbugs.gnu.org,
 Vivien Kraus <vivien@planete-kraus.eu>, Leo Famulari <leo@famulari.name>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi,

Simon Tournier <zimon.toutoune@gmail.com> writes:

> Hi Maxim,
>
> On Fri, 31 May 2024 at 21:49, Maxim Cournoyer <maxim.cournoyer@gmail.com>=
 wrote:
>
>> I preferred inheritance to avoid having to manually sync things in the
>> long run... (hopefully the graft gets ungrafted before 'patch' amasses
>> new phatces, but we never know...)
>
> What would be the long run? ;-)

> Well, from my perspective, there is nothing to manually sync in the
> future.

You're probably right.

> I mean, the only patch applied to release =E2=80=9C2.7.6=E2=80=9D will be=
 still required
> for patch/fixed; hence one will need to do what I am proposing if
> =E2=80=99patch=E2=80=99 is removed.  Else if =E2=80=99patch=E2=80=99 rece=
ives some security fixes, then
> it seems expected to assume that the fix will be included in the latest
> patch (here =E2=80=99patch/fixed=E2=80=99).  Last, please note that =E2=
=80=99patch=E2=80=99 is barely
> modified.

OK.  I don't mind to do this change.  I'll send e revised version with
that done.

--=20
Thanks,
Maxim




From debbugs-submit-bounces@debbugs.gnu.org Tue Jun 04 21:26:06 2024
Received: (at 47144) by debbugs.gnu.org; 5 Jun 2024 01:26:06 +0000
Received: from localhost ([127.0.0.1]:41197 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sEfPh-0007ES-L2
	for submit@debbugs.gnu.org; Tue, 04 Jun 2024 21:26:05 -0400
Received: from mail-qv1-f47.google.com ([209.85.219.47]:46365)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sEfPf-0007Dl-C3
 for 47144@debbugs.gnu.org; Tue, 04 Jun 2024 21:26:04 -0400
Received: by mail-qv1-f47.google.com with SMTP id
 6a1803df08f44-6ae1059a62fso10181106d6.1
 for <47144@debbugs.gnu.org>; Tue, 04 Jun 2024 18:25:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717550683; x=1718155483; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=JesekdO6gPneH4ANpfCZFLozVGSBhIZMjDJDVKkXBww=;
 b=iMp/gp2C8ApxmNITYbFY4C5Dvrk4bHPqWCHfR6mQVavGDrJxnFAV0x0ff492ns+oYB
 cctFQmJZe36kcJ2sCWiq3seZbrS0uFBvz0g0ycx9E4O4rVqLkjEJN+TtXIlxuncW/0H7
 0u9mrrL2ckHmKgurvV3PpXaH2cQZx6i1b532oWgZJxaOHZDwSPpEEqyqgXYZ49P/WC53
 J832wGkwVkTEm4eyHi77TsLSs1IlA9hN8CMle6xOI8Z206dTkKnX1mbiEpKK5+EkUp5m
 OXNwHar/S5ExVtDbTs2jFT/HyTB/3WK87rAY6I6leHSrhbM2GbyqXS2dNpRYNYMLhPqe
 bHgg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717550683; x=1718155483;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
 :reply-to;
 bh=JesekdO6gPneH4ANpfCZFLozVGSBhIZMjDJDVKkXBww=;
 b=YODK70vp5f+JjV4RWYMtdXz3c97Tfrp36FeMxZH7tThJVSfPf9klXwo6RxCMIfGuHl
 snf7sJt/7S+TnmUDKOqS5gRzD2+Fd8X7GhkMAUB8nAj/LjIuxMGaGmKa4xGbFaLONBcW
 EcfvmPRyrVa1GlP5Upodv8hPOVsdl5GQ48YCgqzi0TaS3DPipQJ43KxTJhfnlugmIglv
 8jxo3TqKEJm+2LdXaFs+RMj4FNVM03wHRYXJNhpW+25nZD6vhjjnWPjL3htzLHQ9P1yX
 vYhaC2jkzqxdKVib5hxJn5gRfIyGIID05T64iDNwkqbn8oV9oqRBCadTHwMvJJLPKZ2W
 hPzQ==
X-Gm-Message-State: AOJu0YxtKmMqkMLAlkKXKHrzbFYm4AuYQt6lkrS0/gOcco6LfmhL3vGg
 OTcvTNMCsvmFZ2Qwu6p1We7Qkv/X67kufM2TokjQ+DlQDe+JpHVeZAx9Gc5I
X-Google-Smtp-Source: AGHT+IHAyeHZxbaTK5g7G6WTMGH7Y5kKoUvsMaH6H12/5zzSwjDMNq2GrbcThy0G/BkJVox60KSxqg==
X-Received: by 2002:a05:6214:4598:b0:6ab:7234:4c85 with SMTP id
 6a1803df08f44-6b02bf90c11mr11182446d6.32.1717550682765; 
 Tue, 04 Jun 2024 18:24:42 -0700 (PDT)
Received: from localhost.localdomain (dsl-154-1.b2b2c.ca. [66.158.154.1])
 by smtp.gmail.com with ESMTPSA id
 6a1803df08f44-6ae4b429a70sm43950116d6.128.2024.06.04.18.24.41
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 04 Jun 2024 18:24:42 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: 47144@debbugs.gnu.org
Subject: [PATCH v3 1/3] gnu: ucd: Update to 15.1.0.
Date: Tue,  4 Jun 2024 21:24:26 -0400
Message-ID: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717550623.git.maxim.cournoyer@gmail.com>
X-Mailer: git-send-email 2.45.1
MIME-Version: 1.0
X-Debbugs-Cc: Mark H Weaver <mhw@netris.org>, Ludovic Courtès <ludo@gnu.org>, Léo Le Bouter <lle-bout@zaclys.net>, Leo Famulari <leo@famulari.name>, Maxim Cournoyer <maxim.cournoyer@gmail.com>, Simon Tournier <zimon.toutoune@gmail.com>
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Maxim Cournoyer <maxim.cournoyer@gmail.com>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

* gnu/packages/unicode.scm (ucd): Update to 15.1.0.

Change-Id: I0828544c35eef90a8f76c2084362ee4594189244
---

(no changes since v1)

 gnu/packages/unicode.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/unicode.scm b/gnu/packages/unicode.scm
index 23f08a2aab..fe188ed71d 100644
--- a/gnu/packages/unicode.scm
+++ b/gnu/packages/unicode.scm
@@ -77,14 +77,14 @@ (define-public libunibreak
 (define-public ucd
   (package
     (name "ucd")
-    (version "15.0.0")
+    (version "15.1.0")
     (source
      (origin
        (method url-fetch/zipbomb)
        (uri (string-append "https://www.unicode.org/Public/zipped/" version
                            "/UCD.zip"))
        (sha256
-        (base32 "133inqn33hcfvylmps63yjr6rrqrfq6x7a5hr5fd51z6yc0f9gaz"))))
+        (base32 "0xv10nkvg6451415imvb0qx72ljp0hv9f8h1sl6509ir0lync76b"))))
     (build-system copy-build-system)
     (arguments
      '(#:install-plan

base-commit: dc4c48f10281007a0ab3541b8a64198c60c6d5b0
-- 
2.45.1





From debbugs-submit-bounces@debbugs.gnu.org Tue Jun 04 21:26:09 2024
Received: (at 47144) by debbugs.gnu.org; 5 Jun 2024 01:26:09 +0000
Received: from localhost ([127.0.0.1]:41202 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sEfPk-0007Eq-2o
	for submit@debbugs.gnu.org; Tue, 04 Jun 2024 21:26:09 -0400
Received: from mail-yw1-f175.google.com ([209.85.128.175]:55362)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sEfPh-0007Do-BA
 for 47144@debbugs.gnu.org; Tue, 04 Jun 2024 21:26:07 -0400
Received: by mail-yw1-f175.google.com with SMTP id
 00721157ae682-627ecda47d0so62644887b3.2
 for <47144@debbugs.gnu.org>; Tue, 04 Jun 2024 18:25:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717550685; x=1718155485; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=AiaqA2+EXFwjX21dNzzTl/6y7uC9QURWRHFdaXf0vXQ=;
 b=QXpwy3STKDOxdEfYTdRQjj1TAxCNQZUKkBNkTi64Hujd+EeawlRNQGqiBJ7KmVn21Y
 9JMUlTicza6G5LSXv7jOhKOj6YDGX5+6LCUB3hs4gskr6jPKbXjvKpKkrpecKjAew5rS
 oGNKRiWJ3RUP/CDWcyj9g0ovut2LLBGsjDR3QxBjQyZt+NQXrXLM7umnfRDtWjaDPxee
 X6nvdO7ftuwEBfmGWk7uHw6Mfu6HSg6ZncGniPiZ+5YsN05a/gF0if1kCjhz/lb4+cRW
 Sc2k68dnv9EIBWFAqLK+y7rYmK+RKBiS++7GcAoDwee1WuAxL+p/5m2MB9CJ2xMpiJa/
 GB8Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717550685; x=1718155485;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=AiaqA2+EXFwjX21dNzzTl/6y7uC9QURWRHFdaXf0vXQ=;
 b=ejMZPbmltYta9CS3QbPT9hbsClQPMS/HCJKQ/NHomfiXBPv0JcW+uJ2WH2sETWeLkd
 3UUOmcHRFXCTc9tp1R6Q9zD5zc9tMZWXkM6mAm4ja+qkPqp9bxQW6cDU2EXM6zGj+Wql
 B0me8ewbSUgYmVFcY3pWvbVVlt2RPY88PnOBaok92UtSO7lzMC/F0kCtgR+Q+V00gmRP
 4MsCDrI6EIp72+HkdkLfM8pGS/sqluLphE+qgJJic3mslFUsccoeAdfySHptLB6nKclr
 1TxlZ5yT0y7ayiRd1mCVQwoWbbSapWAh9TB0srICZ54t3NXQyOyWD0I++FD9rEjUiKc5
 9Rhw==
X-Gm-Message-State: AOJu0Yyv9gOARcHFNQWcKbcKg3zdUm1BS4HaqPQaL6Q2qVV4VnPZopB2
 1GjcFM7fa94K5ID0MsoP7F2xuTe9hPJTM9RCylizzj2NjueWAF1VnomP++QV
X-Google-Smtp-Source: AGHT+IG4RTU/JeHZvoyG1pSz+Rkn9t4h1xqewnWdhtiMleHbXo3Cc7aH+LITaXX26dMk+VdZi6hThg==
X-Received: by 2002:a81:8b54:0:b0:618:8a27:f06 with SMTP id
 00721157ae682-62cbb4a9452mr10035727b3.9.1717550685286; 
 Tue, 04 Jun 2024 18:24:45 -0700 (PDT)
Received: from localhost.localdomain (dsl-154-1.b2b2c.ca. [66.158.154.1])
 by smtp.gmail.com with ESMTPSA id
 6a1803df08f44-6ae4b429a70sm43950116d6.128.2024.06.04.18.24.44
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 04 Jun 2024 18:24:44 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: 47144@debbugs.gnu.org
Subject: [PATCH v3 2/3] gnu: gnulib: Update to 2024-05-30-1.ac4b301.
Date: Tue,  4 Jun 2024 21:24:27 -0400
Message-ID: <c34f058c9534a551b2cdc24cac9c642af14e842c.1717550623.git.maxim.cournoyer@gmail.com>
X-Mailer: git-send-email 2.45.1
In-Reply-To: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717550623.git.maxim.cournoyer@gmail.com>
References: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717550623.git.maxim.cournoyer@gmail.com>
MIME-Version: 1.0
X-Debbugs-Cc: Mark H Weaver <mhw@netris.org>, Ludovic Courtès <ludo@gnu.org>, Léo Le Bouter <lle-bout@zaclys.net>, Leo Famulari <leo@famulari.name>, Maxim Cournoyer <maxim.cournoyer@gmail.com>, Simon Tournier <zimon.toutoune@gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Maxim Cournoyer <maxim.cournoyer@gmail.com>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Also fix the commands, which would fail due to not finding their
implementation scripts.

* gnu/packages/patches/gnulib-bootstrap.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/build-tools.scm (gnulib): Update to 2024-05-30-1.ac4b301.
[source]: Apply patch.
[phases] {patch-source-shebangs, patch-generated-file-shebangs}
{patch-usr-bin-file, restore-shebangs}: Delete phases.
{disable-failing-tests}: Disable sc_error_message_warn_fatal,
sc_prefer_angle_bracket_headers, sc_check_config_h_reminder,
sc_prohibit_sc_omitted_at, sc_readme_link_copying, sc_readme_link_install,
sc_unsigned_char, sc_unsigned_int,  sc_unsigned_long and sc_unsigned_short
checks.
{regenerate-unicode}: Register BidiMirroring.txt unicode data file.

Change-Id: I154b2c5980b671f1e73e7a1f74d926ea080a7aa0
---

(no changes since v1)

 gnu/local.mk                                |  1 +
 gnu/packages/build-tools.scm                | 55 ++++++++-------
 gnu/packages/patches/gnulib-bootstrap.patch | 75 +++++++++++++++++++++
 3 files changed, 107 insertions(+), 24 deletions(-)
 create mode 100644 gnu/packages/patches/gnulib-bootstrap.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 6934d5ccc7..b369127194 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1393,6 +1393,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/gnome-settings-daemon-gc.patch		\
   %D%/packages/patches/gnome-session-support-elogind.patch	\
   %D%/packages/patches/gnome-tweaks-search-paths.patch		\
+  %D%/packages/patches/gnulib-bootstrap.patch			\
   %D%/packages/patches/gnumach-support-noide.patch		\
   %D%/packages/patches/gnupg-default-pinentry.patch		\
   %D%/packages/patches/gnupg-1-build-with-gcc10.patch		\
diff --git a/gnu/packages/build-tools.scm b/gnu/packages/build-tools.scm
index daaf450e70..82abf5b9f1 100644
--- a/gnu/packages/build-tools.scm
+++ b/gnu/packages/build-tools.scm
@@ -13,7 +13,7 @@
 ;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
 ;;; Copyright © 2020, 2023 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2021 qblade <qblade@protonmail.com>
-;;; Copyright © 2021, 2023 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Copyright © 2021, 2023, 2024 Maxim Cournoyer <maxim.cournoyer@gmail.com>
 ;;; Copyright © 2022, 2023 Juliana Sims <juli@incana.org>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -853,12 +853,15 @@ (define*-public (gnulib-checkout #:key
                           ;; FIXME: tests/uniname/HangulSyllableNames.txt
                           ;; seems like a UCD file but it is not distributed
                           ;; with UCD.
-                          "tests/uniwbrk/WordBreakTest.txt")))))))
+                          "tests/uniwbrk/WordBreakTest.txt")))))
+       (patches (search-patches "gnulib-bootstrap.patch"))))
     (build-system copy-build-system)
     (arguments
      (list
       #:install-plan
       #~'(("./gnulib-tool" "bin/")
+          ("./gnulib-tool.py" "bin/")
+          ("./gnulib-tool.sh" "bin/")
           ("." "src/gnulib" #:exclude-regexp ("\\.git.*")))
       #:modules '((ice-9 match)
                   (guix build utils)
@@ -866,6 +869,13 @@ (define*-public (gnulib-checkout #:key
                   ((guix build gnu-build-system) #:prefix gnu:))
       #:phases
       #~(modify-phases %standard-phases
+          ;; Since this package is intended to be used in source form, it
+          ;; should not retain references to tools (with the exception for the
+          ;; commands we install, which should be wrapper for proper
+          ;; execution).
+          (delete 'patch-source-shebangs)
+          (delete 'patch-generated-file-shebangs)
+          (delete 'patch-usr-bin-file)
           (add-before 'install 'check
             (assoc-ref gnu:%standard-phases 'check))
           (add-before 'check 'fix-tests
@@ -889,8 +899,10 @@ (define*-public (gnulib-checkout #:key
   sc_Wundef_boolean \\
   sc_copyright_check \\
   sc_file_system \\
+  sc_error_message_warn_fatal \\
   sc_indent \\
   sc_keep_gnulib_texi_files_mostly_ascii \\
+  sc_prefer_angle_bracket_headers \\
   sc_prohibit_assert_without_use \\
   sc_prohibit_close_stream_without_use \\
   sc_prohibit_defined_have_decl_tests \\
@@ -899,15 +911,22 @@ (define*-public (gnulib-checkout #:key
   sc_prohibit_intprops_without_use \\
   sc_prohibit_openat_without_use \\
   sc_prohibit_test_minus_ao \\
-  sc_unportable_grep_q"))
+  sc_readme_link_copying \\
+  sc_readme_link_install \\
+  sc_unportable_grep_q \\
+  sc_unsigned_char \\
+  sc_unsigned_int \\
+  sc_unsigned_long \\
+  sc_unsigned_short"))
               (substitute* "Makefile"
-                (("sc_check_(sym_list|copyright)" rule)
+                (("sc_check_(sym_list|copyright|config_h_reminder)" rule)
                  (string-append "disabled_check_" rule))
                 (("sc_cpp_indent_check")
                  "disabled_cpp_indent_check")
                 (("sc_prefer_ac_check_funcs_once")
                  "disabled_prefer_ac_check_funcs_once")
-                (("sc_prohibit_(AC_LIBOBJ_in_m4|leading_TABs)" rule)
+                (("sc_prohibit_(AC_LIBOBJ_in_m4|leading_TABs\
+|sc_omitted_at)" rule)
                  (string-append "disabled_prohibit_" rule)))))
           (add-before 'check 'regenerate-unicode
             (lambda* (#:key inputs #:allow-other-keys)
@@ -939,7 +958,8 @@ (define*-public (gnulib-checkout #:key
                              (sha256
                               (base32
                                "0k6wyijyzdl5g3nibcwfm898kfydx1pqaz28v7fdvnzdvd5fz7lh"))))
-                        (find-ucd-files "EastAsianWidth.txt"
+                        (find-ucd-files "BidiMirroring.txt"
+                                        "EastAsianWidth.txt"
                                         "LineBreak.txt"
                                         "auxiliary/WordBreakProperty.txt"
                                         "auxiliary/GraphemeBreakProperty.txt"
@@ -962,22 +982,9 @@ (define*-public (gnulib-checkout #:key
                    ("NormalizationTest.txt" . "uninorm")
                    ("auxiliary/GraphemeBreakTest.txt" . "unigbrk")
                    ("auxiliary/WordBreakTest.txt" . "uniwbrk")))
-                (delete-file "gen-uni-tables"))))
-          (add-after 'install 'restore-shebangs
-            (lambda _
-              (substitute* (find-files
-                            (string-append #$output "/src/gnulib")
-                            (lambda (fname stat)
-                              (and (not (string-suffix? "/lib/javaversion.class" fname))
-                                   (not (string-suffix? ".mo" fname)))))
-                (("^#! ?(.*)/bin/sh" _ prefix)
-                 "#!/bin/sh")
-                (("^#! ?(.*)/bin/python3" _ prefix)
-                 "#!/usr/bin/env python3")
-                (("^#! ?(.*)/bin/([a-zA-Z0-9-]+)" _ prefix program)
-                 (string-append "#!/usr/bin/" program))))))))
+                (delete-file "gen-uni-tables")))))))
     (inputs
-     (list bash-minimal))                         ;shebang for gnulib-tool
+     (list bash-minimal)) ;shebang for gnulib-tool
     (native-inputs
      (list
       bash-minimal python perl clisp
@@ -1005,9 +1012,9 @@ (define*-public (gnulib-checkout #:key
 
 (define-public gnulib
   (gnulib-checkout
-   #:version "2022-12-31"
-   #:commit "875461ffdf58ac04677957b4ae4160465b83b940"
-   #:hash (base32 "0bf7a6wdns9c5wwv60qfcn9llg0j6jz5ryd2qgsqqx2i6xkmp77c")))
+   #:version "2024-05-30"
+   #:commit "ac4b301ae15223c98b51cd5a0eda2e2cf57c817b"
+   #:hash (base32 "0f4w56fc97clg13mmdghx84dh9xqmaqr3j672ppfh3h66gmmmvzs")))
 
 (define-public pdpmake
   (package
diff --git a/gnu/packages/patches/gnulib-bootstrap.patch b/gnu/packages/patches/gnulib-bootstrap.patch
new file mode 100644
index 0000000000..c0c9a5e732
--- /dev/null
+++ b/gnu/packages/patches/gnulib-bootstrap.patch
@@ -0,0 +1,75 @@
+From adbf7ce2c2b03ce5ee25d4c68f9bb247b0dcbc2b Mon Sep 17 00:00:00 2001
+From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
+Date: Thu, 30 May 2024 14:48:04 -0400
+Subject: [PATCH] bootstrap: Use gnulib-tool from PATH if available.
+
+Some distributions such as GNU Guix include in their package for
+gnulib a 'gnulib-tool' command under their $bindir
+prefix (e.g. '/bin') for users to use, along the unmodified full
+sources.  The idea is that any wrapping or distribution modifications
+for the *execution* of the script at run time is done on these
+commands, while the rest of the source should be in their
+pristine (unmodified) version.  Adjust the 'gnulib-tool' discovery
+mechanism to support such installation layout.
+
+* build-aux/bootstrap (autogen) <gnulib_tool>: Prefer to use from
+PATH, else from $GNULIB_SRCDIR/../../bin/gnulib-tool, else from
+$GNULIB_SRCDIR/gnulib-tool.
+* gnulib-tool.sh (func_gnulib_dir): Honor GNULIB_SRCDIR to locate
+gnulib's main directory.
+---
+ build-aux/bootstrap | 11 +++++++++--
+ gnulib-tool.sh      |  6 +++++-
+ 2 files changed, 14 insertions(+), 3 deletions(-)
+
+diff --git a/build-aux/bootstrap b/build-aux/bootstrap
+index 6295b8a128..06271eea8b 100755
+--- a/build-aux/bootstrap
++++ b/build-aux/bootstrap
+@@ -3,7 +3,7 @@
+ 
+ # Bootstrap this package from checked-out sources.
+ 
+-scriptversion=2024-04-13.15; # UTC
++scriptversion=2024-05-30.20; # UTC
+ 
+ # Copyright (C) 2003-2024 Free Software Foundation, Inc.
+ #
+@@ -1164,7 +1164,14 @@ autogen()
+   fi
+ 
+   if $use_gnulib; then
+-    gnulib_tool=$GNULIB_SRCDIR/gnulib-tool
++    gnulib_tool=$(command -v gnulib-tool)
++    if test -x "$gnulib_tool"; then
++      :                         # done
++    elif test -x $GNULIB_SRCDIR/../../bin/gnulib-tool; then
++      gnulib_tool=$GNULIB_SRCDIR/../../bin/gnulib-tool
++    else
++      gnulib_tool=$GNULIB_SRCDIR/gnulib-tool
++    fi
+     <$gnulib_tool || return
+   fi
+ 
+diff --git a/gnulib-tool.sh b/gnulib-tool.sh
+index 12f0b82461..0aefbe2b2b 100755
+--- a/gnulib-tool.sh
++++ b/gnulib-tool.sh
+@@ -518,7 +518,11 @@ func_gnulib_dir ()
+       * ) self_abspathname=`echo "$self_abspathname" | sed -e 's,/[^/]*$,,'`/"$linkval" ;;
+     esac
+   done
+-  gnulib_dir=`echo "$self_abspathname" | sed -e 's,/[^/]*$,,'`
++  if test -n "$GNULIB_SRCDIR"; then
++    gnulib_dir=$GNULIB_SRCDIR
++  else
++    gnulib_dir=`echo "$self_abspathname" | sed -e 's,/[^/]*$,,'`
++  fi
+ }
+ 
+ # func_tmpdir
+
+base-commit: ac4b301ae15223c98b51cd5a0eda2e2cf57c817b
+-- 
+2.41.0
+
-- 
2.45.1





From debbugs-submit-bounces@debbugs.gnu.org Tue Jun 04 21:26:13 2024
Received: (at 47144) by debbugs.gnu.org; 5 Jun 2024 01:26:13 +0000
Received: from localhost ([127.0.0.1]:41215 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sEfPo-0007FC-6X
	for submit@debbugs.gnu.org; Tue, 04 Jun 2024 21:26:13 -0400
Received: from mail-yw1-f181.google.com ([209.85.128.181]:59852)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sEfPk-0007ED-IJ
 for 47144@debbugs.gnu.org; Tue, 04 Jun 2024 21:26:10 -0400
Received: by mail-yw1-f181.google.com with SMTP id
 00721157ae682-62a0873c6e4so65090067b3.3
 for <47144@debbugs.gnu.org>; Tue, 04 Jun 2024 18:25:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717550688; x=1718155488; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=2TbQm5uouq+AgGZASD/tOSuurtpedKIx2xqIQOjHWoE=;
 b=gAQBkGhsWI29sUTtJlzREeeMyfC1KB147NoMzrq/wA1asMa+4L+2PAPlGWryGxsqPD
 5dN/En53w7mmFgzIlsjgu/MK7lP6K2wXPpYxi9mKsEqsa/fT06SAFgZIvP0WSzkrGQTI
 h7kWSvDO2v79lXHvLCOZ1prll99orL2gB4Mi4qlJ38lO4VGsn7EU5GAvC+XP4rn+XYpM
 1uvs2e4Vk5Lt8RA+KHY8y9XX6LzhUNqLisLgvmmulePPzx/HWgo3LSAEg9zGWhqWXPac
 a13/3PHKrJTn9hDrdcXT0eUKuzl9o76BIlpT04gtmuc3EAycwTUbG4I5DpFbP2ER/H3H
 6BMw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717550688; x=1718155488;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=2TbQm5uouq+AgGZASD/tOSuurtpedKIx2xqIQOjHWoE=;
 b=BCzimBzetl0xWWKAEpO2KGW50kbzCmE6IE2nnss9Gz6BPgfhp90f7nyCqwPtXJkor+
 KAKoVY84KYcdGQKquUZGGytzZGJQryWzxuYnRqcXHUW8kKXEfPkr3MxoLrb6QVBDr4Dm
 7EQd/DEdo4m9ISfwgLQ7Lrkry0jYwCLDC5hQ6wBqXfYROUJisCI+KFd+1INZH36v6vpH
 Ol7jPCbcsD//NqwdADAn3WEe9yJUEiLlPprHiIYpyimgmZzRANBBF+9iAhOEvPjWdFtd
 fPz6TqqcToACXC14BoWsNlRsmuTMyIhQpgI1U9nciIO817V6NIGBPyOfGC6Q7C3qXXXs
 V9Ow==
X-Gm-Message-State: AOJu0Yw2h4rwh73Xja9bN0YhmNMIwrBcSR159Tiv+yyBP2YIYZW1oLGk
 qVb0fAd41HptnYJ4HilrX21WhYDDYdecEdVanUGmVofZgLVowDaU+20Y4emt
X-Google-Smtp-Source: AGHT+IFgdMjnJADOL/bafcoxEKHUwuzqbs+VAN5bKQmdNY0uVK4NzFYAZ23ByOhaiurlsyn3CvhWzA==
X-Received: by 2002:a25:d303:0:b0:dfa:6e39:95af with SMTP id
 3f1490d57ef6-dfacad0b47bmr1340124276.53.1717550687861; 
 Tue, 04 Jun 2024 18:24:47 -0700 (PDT)
Received: from localhost.localdomain (dsl-154-1.b2b2c.ca. [66.158.154.1])
 by smtp.gmail.com with ESMTPSA id
 6a1803df08f44-6ae4b429a70sm43950116d6.128.2024.06.04.18.24.47
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 04 Jun 2024 18:24:47 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: 47144@debbugs.gnu.org
Subject: [PATCH v3 3/3] gnu: patch: Graft to latest commit [security fixes].
Date: Tue,  4 Jun 2024 21:24:28 -0400
Message-ID: <6637c8e33997272ab489b7f35e587c3abd77b82b.1717550623.git.maxim.cournoyer@gmail.com>
X-Mailer: git-send-email 2.45.1
In-Reply-To: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717550623.git.maxim.cournoyer@gmail.com>
References: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717550623.git.maxim.cournoyer@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
X-Debbugs-Cc: Mark H Weaver <mhw@netris.org>, Ludovic Courtès <ludo@gnu.org>, Léo Le Bouter <lle-bout@zaclys.net>, Leo Famulari <leo@famulari.name>, Maxim Cournoyer <maxim.cournoyer@gmail.com>, Simon Tournier <zimon.toutoune@gmail.com>
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Mark H Weaver <mhw@netris.org>, Maxim Cournoyer <maxim.cournoyer@gmail.com>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

* gnu/packages/base.scm (patch/fixed): New variable.
(patch) [replacement]: Graft with the above.

Fixes: https://issues.guix.gnu.org/47144
Reported-by: Mark H Weaver <mhw@netris.org>
Change-Id: I54ae41b735f5ba0ebad30ebdfaabe0ccdc3f9873
---

Changes in v3:
 - Do not use inheritance for patch/fixed origin

Changes in v2:
 - Use same version to have the same store length, a graft requirement
 - Copy the gnulib source in a phase to avoid introducing a dependency cycle

 gnu/packages/base.scm | 52 ++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 51 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index bbe5b8cf57..3246b7bd0a 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -19,7 +19,7 @@
 ;;; Copyright © 2021 Leo Le Bouter <lle-bout@zaclys.net>
 ;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
 ;;; Copyright © 2021 Guillaume Le Vaillant <glv@posteo.net>
-;;; Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Copyright © 2021, 2024 Maxim Cournoyer <maxim.cournoyer@gmail.com>
 ;;; Copyright © 2022 zamfofex <zamfofex@twdb.moe>
 ;;; Copyright © 2022 John Kehayias <john.kehayias@protonmail.com>
 ;;; Copyright © 2023 Josselin Poiret <dev@jpoiret.xyz>
@@ -46,8 +46,10 @@ (define-module (gnu packages base)
   #:use-module (gnu packages acl)
   #:use-module (gnu packages algebra)
   #:use-module (gnu packages attr)
+  #:use-module (gnu packages autotools)
   #:use-module (gnu packages bash)
   #:use-module (gnu packages bison)
+  #:use-module (gnu packages build-tools)
   #:use-module (gnu packages gcc)
   #:use-module (gnu packages guile)
   #:use-module (gnu packages multiprecision)
@@ -263,6 +265,7 @@ (define-public tar
 
 (define-public patch
   (package
+    (replacement patch/fixed)
     (name "patch")
     (version "2.7.6")
     (source (origin
@@ -291,6 +294,53 @@ (define-public patch
     (license gpl3+)
     (home-page "https://savannah.gnu.org/projects/patch/")))
 
+(define patch/fixed
+  ;; The latest release is from 2018, and lacks multiple security related
+  ;; patches.  Since Fedora carries 23 patches, simply use the latest commit
+  ;; until a proper release is made.
+  (let ((revision "0")
+        (commit "f144b35425d9d7732ea5485034c1a6b7a106ab92"))
+    (package
+      (inherit patch)
+      (name "patch")
+      ;; TODO: Uncomment when ungrafting.
+      ;;(version (git-version "2.7.6" revision commit))
+      (source (origin
+                (method git-fetch)
+                (uri (git-reference
+                      (url "https://git.savannah.gnu.org/git/patch.git")
+                      (commit commit)))
+                ;; TODO: Uncomment when ungrafting and using the above
+                ;; 'git-version'-computed version.
+                ;;(file-name (git-file-name name version))
+                (sha256
+                 (base32
+                  "1bk38169c0xh01b0q0zmnrjqz8k9byz3arp4q7q66sn6xwf94nvz"))
+                (patches (search-patches "patch-hurd-path-max.patch"))))
+      (arguments
+       (substitute-keyword-arguments (package-arguments patch)
+         ((#:phases phases '%standard-phases)
+          #~(modify-phases #$phases
+              (add-after 'unpack 'copy-gnulib-sources
+                (lambda _
+                  ;; XXX: We copy the source instead of using 'gnulib' as a
+                  ;; native input to avoid introducing a dependency cycle with.
+                  (copy-recursively #+gnulib "gnulib")
+                  (setenv "GNULIB_SRCDIR"
+                          (string-append (getcwd) "/gnulib/src/gnulib"))))
+              (add-after 'copy-gnulib-sources 'update-bootstrap-script
+                (lambda _
+                  (copy-file "gnulib/src/gnulib/build-aux/bootstrap"
+                             "bootstrap")))
+              (add-after 'unpack 'patch-configure.ac
+                (lambda _
+                  (substitute* "configure.ac"
+                    ;; The gnulib-provided git-version-gen script has a plain
+                    ;; shebang of #!/bin/sh; avoid using it.
+                    (("build-aux/git-version-gen" all)
+                     (string-append "sh " all)))))))))
+      (native-inputs (list autoconf automake bison ed)))))
+
 (define-public diffutils
   (package
    (name "diffutils")
-- 
2.45.1





From debbugs-submit-bounces@debbugs.gnu.org Wed Jun 05 12:05:09 2024
Received: (at 47144) by debbugs.gnu.org; 5 Jun 2024 16:05:09 +0000
Received: from localhost ([127.0.0.1]:45258 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sEt8N-0005Pe-Uf
	for submit@debbugs.gnu.org; Wed, 05 Jun 2024 12:05:08 -0400
Received: from eggs.gnu.org ([209.51.188.92]:48818)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1sEt8L-0005Os-DV
 for 47144@debbugs.gnu.org; Wed, 05 Jun 2024 12:05:06 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@gnu.org>)
 id 1sEt7z-0008Ps-E9; Wed, 05 Jun 2024 12:04:43 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
 s=fencepost-gnu-org; h=MIME-Version:Date:References:In-Reply-To:Subject:To:
 From; bh=GMnuJVI0ye5ItXouj+QpbhhER1yqSqKcV4IilQjA1WY=; b=V4muZFtn7kywlgsFcv8w
 F4kNyY3+rqyV8J8TWGPFUAHQbZoFceRZNW+qDa6G7SWG47ZNv22leTJtlYZqlaygEmgxcegGTzDjY
 1ITOOq8kM6BDU6T10axn9jHftwpw/KxIfQ1WtUBXld8Ysxh2oyENPIMAb4Leg4WXDJHgaQC9kWVMK
 kiRULJl8SHhwkJk0NLc3G78rqupi+DkVyAqrMtsqF5Kx7t+6O3WlJGPuYvWckGt3pyiMGLusfrpjE
 JXHDwWubq7L8tXQd8by+hcs4j4kR1YwdnR5Iilax4n0VbXGRFM171zcFtIcXXApD+2KkeUG/f1tLL
 EmYJPX2sNB+lYA==;
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
To: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Subject: Re: bug#47144: security patching of 'patch' package
In-Reply-To: <875xusln8m.fsf@gmail.com> (Maxim Cournoyer's message of "Sat, 01
 Jun 2024 11:02:49 -0400")
References: <28b457771ab0e7ad87cb65600a5898f68be5074a.1717124361.git.maxim.cournoyer@gmail.com>
 <5eda21a09360653b198f1b0d7f52cf531dc97485.1717124361.git.maxim.cournoyer@gmail.com>
 <87r0dgn36w.fsf@gnu.org> <875xusln8m.fsf@gmail.com>
Date: Wed, 05 Jun 2024 18:04:39 +0200
Message-ID: <878qzj74vc.fsf_-_@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 47144
Cc: Mark H Weaver <mhw@netris.org>, 47144@debbugs.gnu.org,
 Vivien Kraus <vivien@planete-kraus.eu>, Leo Famulari <leo@famulari.name>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -3.3 (---)

Hi Maxim,

Maxim Cournoyer <maxim.cournoyer@gmail.com> skribis:

> Ludovic Court=C3=A8s <ludo@gnu.org> writes:

[...]

>> Unless I=E2=80=99m mistaken, this will have practically no effect becaus=
e Patch
>> is a build-time-only dependency.
>>
>> My recommendation would be to not add a =E2=80=98replacement=E2=80=99 fi=
eld at all.
>> Instead, you could add a new =E2=80=98patch/latest=E2=80=99 public varia=
ble pointing to
>> that commit that you picked.  That way, users running =E2=80=98guix inst=
all
>> patch=E2=80=99 or similar will get the latest version of Patch.
>
> I see what you mean, but for all practical purposes, using a graft seems
> a more thorough (because it affects the original 'patch' *variable* as
> well) means that have the same effect for users, so I'd seems like a
> slightly better option to me.

Strictly speaking, yes, but in practice the benefit are largely
theoretical IMO, and the cost of having a graft this deep in the
dependency graph.

What about renaming =E2=80=98patch=E2=80=99 to =E2=80=98patch/pinned=E2=80=
=99 and having =E2=80=98patch=E2=80=99 point
to the new version?

Internally, we=E2=80=99d refer to =E2=80=98patch/pinned=E2=80=99 in (guix p=
ackages), but user
code etc. would refer to =E2=80=98patch=E2=80=99 and thus get the latest ve=
rsion.

Ludo=E2=80=99.




From debbugs-submit-bounces@debbugs.gnu.org Wed Jun 05 12:46:08 2024
Received: (at 47144) by debbugs.gnu.org; 5 Jun 2024 16:46:09 +0000
Received: from localhost ([127.0.0.1]:47953 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sEtm4-0001Yy-E2
	for submit@debbugs.gnu.org; Wed, 05 Jun 2024 12:46:08 -0400
Received: from mail-wm1-f52.google.com ([209.85.128.52]:39954)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <zimon.toutoune@gmail.com>) id 1sEtm2-0001Lv-5a
 for 47144@debbugs.gnu.org; Wed, 05 Jun 2024 12:46:06 -0400
Received: by mail-wm1-f52.google.com with SMTP id
 5b1f17b1804b1-42111cf2706so73975e9.0
 for <47144@debbugs.gnu.org>; Wed, 05 Jun 2024 09:45:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717605886; x=1718210686; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:message-id:date:references
 :in-reply-to:subject:cc:to:from:from:to:cc:subject:date:message-id
 :reply-to; bh=YtRoL0+zNBOxc1nOapGTKPKf8ODM32qP9yqLE33OP1M=;
 b=akpjUG467mqjBE4gIVahgZdQBrIoHLBaqgZUHx70HFI+CXDOCZYnRU+UE7HU1pQny5
 HB4HRNehTHbYMKZ5Kc/z7Mtmuf4cjqVn5yZBOpPYfpOjVkAantbfeW2XeseN/VpEHlLC
 a0dDGx9wR4kw7blLpTHsT5a/3TBR/AsRW9quAsXw85KR928hmLu9Wxu+1wJyFIDMOZFt
 UZnNTdgbM2Ty5HRqWfwYVqP/U/rmZCJfPaen5eBugVniEhEbJNsvqyaEVcO9Ob1XMfHg
 9LSqIryzvxtpEiXjCanVJdDIbXgzfve3v/I0uqi5g5ZrRoT6nf99uuNrryF3ZWOo/W4X
 VeRw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717605886; x=1718210686;
 h=content-transfer-encoding:mime-version:message-id:date:references
 :in-reply-to:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=YtRoL0+zNBOxc1nOapGTKPKf8ODM32qP9yqLE33OP1M=;
 b=c6YtHXMOnWA7q/yrwWHRSttWwV6p7sXGu3bcC2RCTkoNhvdQ3vZ2m9KW9QbHTSPibi
 9Ed++9iGkd+Dn7hSoybX/SYsV6R4PSPC4asdowdXbtIWQePq/MIQ0YO1rzIoW5Uabfft
 BxpQjnFWXuKM/Rktb5qP2bi2juv5zI0i2Bx+yIKlugmY8VN7gv5zyyhY4+0U+hf87mqX
 ee4M5r6X/ZPfIAjKghjPG0WkFM0aSsT/qDDZ09t1k0lROIdmYBpLw4qs0HBNaUB+xe0M
 tgnQmHH1CPu5SsKR/Xo1pw+yrhmUXgdNhG4XPeaGrdVVpaGC5OyjiB4qj/+ELyCMA5EB
 odng==
X-Forwarded-Encrypted: i=1;
 AJvYcCVA1/n0YGQuRTNDbpnXB+/hbhpSl8lycnRTxl0cQj7ArwTT2DI49V7XnDKIi5lxXIBZwonGSE3h6Ut61ixnAsqF5Br4Dck=
X-Gm-Message-State: AOJu0Yw7F3sD9t83jUYl0UglWyCfpoRrx4ZMH43jDSK6IZ9JE2IDYoJh
 Qkt92Gpw8ChJtY4M4KFGW3t7t0uTGZDddQSCGaPJW0S1cZepQHZL
X-Google-Smtp-Source: AGHT+IEd41+DDzv4pGEF980HlveerWAbWLBIK3C1SVKae6KjORIsJA57Juoy7yJWcRbJZ4AP9W+t1g==
X-Received: by 2002:a05:600c:35ca:b0:421:54d0:5129 with SMTP id
 5b1f17b1804b1-4215635324dmr23157375e9.3.1717605886048; 
 Wed, 05 Jun 2024 09:44:46 -0700 (PDT)
Received: from lili (roam-nat-fw-prg-194-254-61-47.net.univ-paris-diderot.fr.
 [194.254.61.47]) by smtp.gmail.com with ESMTPSA id
 5b1f17b1804b1-4215813656asm26995305e9.36.2024.06.05.09.44.45
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 05 Jun 2024 09:44:45 -0700 (PDT)
From: Simon Tournier <zimon.toutoune@gmail.com>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@gnu.org>, Maxim Cournoyer
 <maxim.cournoyer@gmail.com>
Subject: Re: bug#47144: security patching of 'patch' package
In-Reply-To: <878qzj74vc.fsf_-_@gnu.org>
References: <28b457771ab0e7ad87cb65600a5898f68be5074a.1717124361.git.maxim.cournoyer@gmail.com>
 <5eda21a09360653b198f1b0d7f52cf531dc97485.1717124361.git.maxim.cournoyer@gmail.com>
 <87r0dgn36w.fsf@gnu.org> <875xusln8m.fsf@gmail.com>
 <878qzj74vc.fsf_-_@gnu.org>
Date: Wed, 05 Jun 2024 18:44:40 +0200
Message-ID: <87a5jznxtz.fsf@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Mark H Weaver <mhw@netris.org>, Leo Famulari <leo@famulari.name>,
 Vivien Kraus <vivien@planete-kraus.eu>, 47144@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi,

On Wed, 05 Jun 2024 at 18:04, Ludovic Court=C3=A8s <ludo@gnu.org> wrote:

> What about renaming =E2=80=98patch=E2=80=99 to =E2=80=98patch/pinned=E2=
=80=99 and having =E2=80=98patch=E2=80=99 point
> to the new version?
>
> Internally, we=E2=80=99d refer to =E2=80=98patch/pinned=E2=80=99 in (guix=
 packages), but user
> code etc. would refer to =E2=80=98patch=E2=80=99 and thus get the latest =
version.

I agree; it appears to me =E2=80=9Csafer=E2=80=9D than the graft.

However, the cost is to identify which package needs =E2=80=99patch/pinned=
=E2=80=99 and
which needs new =E2=80=99patch=E2=80=99.  Then once upstream Patch upgrades=
, there is
also the question to unpin all the packages.

Somehow, your previous suggestion =E2=80=99patch-latest=E2=80=99 for this n=
ew package
appears to me the best solution.  Because it does not require any update
here and there, and since the source field follows the Git upstream
latest instead of the released tarball, this solution of =E2=80=99patch-lat=
est=E2=80=99
seems appropriated.

Cheers,
simon




From debbugs-submit-bounces@debbugs.gnu.org Wed Jun 05 20:48:03 2024
Received: (at 47144) by debbugs.gnu.org; 6 Jun 2024 00:48:03 +0000
Received: from localhost ([127.0.0.1]:51906 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sF1IM-0003bL-8p
	for submit@debbugs.gnu.org; Wed, 05 Jun 2024 20:48:03 -0400
Received: from mail-qk1-f176.google.com ([209.85.222.176]:52684)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sF1II-0003aw-Oo
 for 47144@debbugs.gnu.org; Wed, 05 Jun 2024 20:47:57 -0400
Received: by mail-qk1-f176.google.com with SMTP id
 af79cd13be357-7951da82ea7so22104485a.1
 for <47144@debbugs.gnu.org>; Wed, 05 Jun 2024 17:47:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717634793; x=1718239593; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=JesekdO6gPneH4ANpfCZFLozVGSBhIZMjDJDVKkXBww=;
 b=dfv97ZCPvvVGR/xkU5F6u6NallnQB8e2CEKHtsFy6MSAH+1+accaUAvx9PMJ2e2at6
 3Zq0Yk6v+xX75z5JIQqmrsb69MmP/nGwsoPeGT3Sx/tDYrn5BNLRNN/BXqExg9fbU9XL
 XBe2ZfPiyVi3uQMcRN60yOY88Zy57ZaoFA7UN7QNK0SAxkGWX8Ws8qusUPF1dDjAnrFu
 KXqwg6Pt3xp7GnUPaa4c/1o+ruZ7nlFSW7cP/92w6KFWrOEeeuFpM6LvWqR7yC8IHS9+
 j9dpt/dHh0Zp33JcoMiXHqAL5z6mq9EHNQ8GGcsVUxC41snyXw2mcjD2QSPSNRwUIsnX
 GD2A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717634793; x=1718239593;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
 :reply-to;
 bh=JesekdO6gPneH4ANpfCZFLozVGSBhIZMjDJDVKkXBww=;
 b=PxQ8KPWgLfLcGDkGEt7Yu12FhwDtKBaQd7KwLc1d0rD2TnffjN0Iv/lYmvRyhRr3GK
 AAd7pkVqk+0izZcRHVPlNWxw//dhwIdBDptpwaJVYrNcrrvLh2zSYFDFyFpf/4UkdPkr
 7vui2SlqSdExdvzAHPyA0zbbO76P8EXlCAUw3TosePnogD1Px2ZY4ZJiFC1CGfGhSt/7
 XZFDV5D0J8hC8SgEzB0fzlNKfQi5Zut/HHftCX6SjBVOxPuNW8ZyECTUBWyByZYsmwpb
 kpyr1VOnvqP2GLsU1ifd6Iy/qtQGSDrOelluE8TlSnc6a451L4FV8pNtUAJQ8dbkoOGB
 Cvzw==
X-Gm-Message-State: AOJu0YxIYhtc1urd7dePYmSnNRAaaVdLFXuU14yOYTGKT/1jDBTP1qZj
 JL7FDXRlVXn0zONxvN4hXI8+iYSM1FiC4PryHWNx821f2jv6oD/UwwRgvhg/
X-Google-Smtp-Source: AGHT+IH9XFtEVeclMGdiCrZhSc99lOtfTYtQGgluxEwrpKvqFBSEa4AKV11L7I5YobEA0z8H06Gf2A==
X-Received: by 2002:a05:620a:4627:b0:795:1804:d195 with SMTP id
 af79cd13be357-79523fd9a48mr500235585a.54.1717634793166; 
 Wed, 05 Jun 2024 17:46:33 -0700 (PDT)
Received: from localhost.localdomain (dsl-10-133-150.b2b2c.ca. [72.10.133.150])
 by smtp.gmail.com with ESMTPSA id
 af79cd13be357-795332df9b0sm8751085a.126.2024.06.05.17.46.32
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 05 Jun 2024 17:46:32 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: 47144@debbugs.gnu.org
Subject: [PATCH v4 1/3] gnu: ucd: Update to 15.1.0.
Date: Wed,  5 Jun 2024 20:46:19 -0400
Message-ID: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717634752.git.maxim.cournoyer@gmail.com>
X-Mailer: git-send-email 2.45.1
MIME-Version: 1.0
X-Debbugs-Cc: Mark H Weaver <mhw@netris.org>, Ludovic Courtès <ludo@gnu.org>, Léo Le Bouter <lle-bout@zaclys.net>, Leo Famulari <leo@famulari.name>, Maxim Cournoyer <maxim.cournoyer@gmail.com>, Simon Tournier <zimon.toutoune@gmail.com>
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Maxim Cournoyer <maxim.cournoyer@gmail.com>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

* gnu/packages/unicode.scm (ucd): Update to 15.1.0.

Change-Id: I0828544c35eef90a8f76c2084362ee4594189244
---

(no changes since v1)

 gnu/packages/unicode.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/unicode.scm b/gnu/packages/unicode.scm
index 23f08a2aab..fe188ed71d 100644
--- a/gnu/packages/unicode.scm
+++ b/gnu/packages/unicode.scm
@@ -77,14 +77,14 @@ (define-public libunibreak
 (define-public ucd
   (package
     (name "ucd")
-    (version "15.0.0")
+    (version "15.1.0")
     (source
      (origin
        (method url-fetch/zipbomb)
        (uri (string-append "https://www.unicode.org/Public/zipped/" version
                            "/UCD.zip"))
        (sha256
-        (base32 "133inqn33hcfvylmps63yjr6rrqrfq6x7a5hr5fd51z6yc0f9gaz"))))
+        (base32 "0xv10nkvg6451415imvb0qx72ljp0hv9f8h1sl6509ir0lync76b"))))
     (build-system copy-build-system)
     (arguments
      '(#:install-plan

base-commit: dc4c48f10281007a0ab3541b8a64198c60c6d5b0
-- 
2.45.1





From debbugs-submit-bounces@debbugs.gnu.org Wed Jun 05 20:48:07 2024
Received: (at 47144) by debbugs.gnu.org; 6 Jun 2024 00:48:07 +0000
Received: from localhost ([127.0.0.1]:51915 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sF1IR-0003bz-Ht
	for submit@debbugs.gnu.org; Wed, 05 Jun 2024 20:48:06 -0400
Received: from mail-vs1-f50.google.com ([209.85.217.50]:46303)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sF1IM-0003b4-3E
 for 47144@debbugs.gnu.org; Wed, 05 Jun 2024 20:48:00 -0400
Received: by mail-vs1-f50.google.com with SMTP id
 ada2fe7eead31-48bcd69919eso185297137.0
 for <47144@debbugs.gnu.org>; Wed, 05 Jun 2024 17:47:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717634796; x=1718239596; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=AiaqA2+EXFwjX21dNzzTl/6y7uC9QURWRHFdaXf0vXQ=;
 b=MSEKF6znhHsCt29bzYWRmxU5V+V4A6C5H0sUuXCSVnxJeI0xNynv9VNWkNJey0RiUr
 BNCqtQAeBZe7Ej6++CU5q5zsj/w2ohljnJZC9QaqqWlF3Sx2gpAyh+7vEsIqNMahp/2g
 Ejyv9U1U7dmpg05Nt786MAud7VpQs2EyKElbgwSLp8gI7pa8VL1OsVNy73JqTWUPQ/u3
 FJh61RkEIJavmreBPhJHjaDmgWFwMBVabwGGntiKhc3ahopQDknC2LyF5oFbMmIJtzLB
 u2SXseJjd45WZ5yRmA5Yvd0As3yNPnVzkNwQLNMANyyF++efooeIRjH+1pYhSjcnrJZY
 X0MA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717634796; x=1718239596;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=AiaqA2+EXFwjX21dNzzTl/6y7uC9QURWRHFdaXf0vXQ=;
 b=gHcGuxjl6DLGieGZ1Sda/zq5IZ5gDWRQp9KmxN39Ac2bkD/snYFh+8oBkiGfor6kqg
 wIUk1bZtjEq5cEBWGiUHa5+OwnCVE848pSi9nUL+4NHHG7xQgnqrTeJyR8QuLN+SlxEr
 JmvpriiyQWGjo91sB7UrkI/OEMo8/HDuFs3MOa1npb9ozuDro06RuZ3UZSkE5/tIheDl
 djQoth1+hMAnrA9W3Z58+HCScAqAd4uxYmGBz8nEsxhFhBCCRHJ3i2OzfOgq8q9wR4VE
 8hB8gKwo54pwFbULT2DiX6Ris1pXWHRswpLPqRL2exzMAMPLWpIGXRtDILUm39KYJC58
 75Qw==
X-Gm-Message-State: AOJu0Yywfxf1/PdHZWqthGiyAOUDovhBGO9NBkR610udoVYn0ob1KrCK
 hAWvQweX7u+NaR7O85CT9+Ou/QejKUNTp8nru1ILjisyZz3SSw4IgOq+Pxa5
X-Google-Smtp-Source: AGHT+IFElxnqLOixVajnZ84fqyIl1QWDhtH4calBF8UwCG7iG6XOShwmmdDemnUdfRuIE0Hm6TakAA==
X-Received: by 2002:a67:e454:0:b0:48b:9f36:14 with SMTP id
 ada2fe7eead31-48c048fd3b8mr4704758137.10.1717634796155; 
 Wed, 05 Jun 2024 17:46:36 -0700 (PDT)
Received: from localhost.localdomain (dsl-10-133-150.b2b2c.ca. [72.10.133.150])
 by smtp.gmail.com with ESMTPSA id
 af79cd13be357-795332df9b0sm8751085a.126.2024.06.05.17.46.35
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 05 Jun 2024 17:46:35 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: 47144@debbugs.gnu.org
Subject: [PATCH v4 2/3] gnu: gnulib: Update to 2024-05-30-1.ac4b301.
Date: Wed,  5 Jun 2024 20:46:20 -0400
Message-ID: <c34f058c9534a551b2cdc24cac9c642af14e842c.1717634752.git.maxim.cournoyer@gmail.com>
X-Mailer: git-send-email 2.45.1
In-Reply-To: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717634752.git.maxim.cournoyer@gmail.com>
References: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717634752.git.maxim.cournoyer@gmail.com>
MIME-Version: 1.0
X-Debbugs-Cc: Mark H Weaver <mhw@netris.org>, Ludovic Courtès <ludo@gnu.org>, Léo Le Bouter <lle-bout@zaclys.net>, Leo Famulari <leo@famulari.name>, Maxim Cournoyer <maxim.cournoyer@gmail.com>, Simon Tournier <zimon.toutoune@gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Maxim Cournoyer <maxim.cournoyer@gmail.com>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Also fix the commands, which would fail due to not finding their
implementation scripts.

* gnu/packages/patches/gnulib-bootstrap.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/build-tools.scm (gnulib): Update to 2024-05-30-1.ac4b301.
[source]: Apply patch.
[phases] {patch-source-shebangs, patch-generated-file-shebangs}
{patch-usr-bin-file, restore-shebangs}: Delete phases.
{disable-failing-tests}: Disable sc_error_message_warn_fatal,
sc_prefer_angle_bracket_headers, sc_check_config_h_reminder,
sc_prohibit_sc_omitted_at, sc_readme_link_copying, sc_readme_link_install,
sc_unsigned_char, sc_unsigned_int,  sc_unsigned_long and sc_unsigned_short
checks.
{regenerate-unicode}: Register BidiMirroring.txt unicode data file.

Change-Id: I154b2c5980b671f1e73e7a1f74d926ea080a7aa0
---

(no changes since v1)

 gnu/local.mk                                |  1 +
 gnu/packages/build-tools.scm                | 55 ++++++++-------
 gnu/packages/patches/gnulib-bootstrap.patch | 75 +++++++++++++++++++++
 3 files changed, 107 insertions(+), 24 deletions(-)
 create mode 100644 gnu/packages/patches/gnulib-bootstrap.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 6934d5ccc7..b369127194 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1393,6 +1393,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/gnome-settings-daemon-gc.patch		\
   %D%/packages/patches/gnome-session-support-elogind.patch	\
   %D%/packages/patches/gnome-tweaks-search-paths.patch		\
+  %D%/packages/patches/gnulib-bootstrap.patch			\
   %D%/packages/patches/gnumach-support-noide.patch		\
   %D%/packages/patches/gnupg-default-pinentry.patch		\
   %D%/packages/patches/gnupg-1-build-with-gcc10.patch		\
diff --git a/gnu/packages/build-tools.scm b/gnu/packages/build-tools.scm
index daaf450e70..82abf5b9f1 100644
--- a/gnu/packages/build-tools.scm
+++ b/gnu/packages/build-tools.scm
@@ -13,7 +13,7 @@
 ;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
 ;;; Copyright © 2020, 2023 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2021 qblade <qblade@protonmail.com>
-;;; Copyright © 2021, 2023 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Copyright © 2021, 2023, 2024 Maxim Cournoyer <maxim.cournoyer@gmail.com>
 ;;; Copyright © 2022, 2023 Juliana Sims <juli@incana.org>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -853,12 +853,15 @@ (define*-public (gnulib-checkout #:key
                           ;; FIXME: tests/uniname/HangulSyllableNames.txt
                           ;; seems like a UCD file but it is not distributed
                           ;; with UCD.
-                          "tests/uniwbrk/WordBreakTest.txt")))))))
+                          "tests/uniwbrk/WordBreakTest.txt")))))
+       (patches (search-patches "gnulib-bootstrap.patch"))))
     (build-system copy-build-system)
     (arguments
      (list
       #:install-plan
       #~'(("./gnulib-tool" "bin/")
+          ("./gnulib-tool.py" "bin/")
+          ("./gnulib-tool.sh" "bin/")
           ("." "src/gnulib" #:exclude-regexp ("\\.git.*")))
       #:modules '((ice-9 match)
                   (guix build utils)
@@ -866,6 +869,13 @@ (define*-public (gnulib-checkout #:key
                   ((guix build gnu-build-system) #:prefix gnu:))
       #:phases
       #~(modify-phases %standard-phases
+          ;; Since this package is intended to be used in source form, it
+          ;; should not retain references to tools (with the exception for the
+          ;; commands we install, which should be wrapper for proper
+          ;; execution).
+          (delete 'patch-source-shebangs)
+          (delete 'patch-generated-file-shebangs)
+          (delete 'patch-usr-bin-file)
           (add-before 'install 'check
             (assoc-ref gnu:%standard-phases 'check))
           (add-before 'check 'fix-tests
@@ -889,8 +899,10 @@ (define*-public (gnulib-checkout #:key
   sc_Wundef_boolean \\
   sc_copyright_check \\
   sc_file_system \\
+  sc_error_message_warn_fatal \\
   sc_indent \\
   sc_keep_gnulib_texi_files_mostly_ascii \\
+  sc_prefer_angle_bracket_headers \\
   sc_prohibit_assert_without_use \\
   sc_prohibit_close_stream_without_use \\
   sc_prohibit_defined_have_decl_tests \\
@@ -899,15 +911,22 @@ (define*-public (gnulib-checkout #:key
   sc_prohibit_intprops_without_use \\
   sc_prohibit_openat_without_use \\
   sc_prohibit_test_minus_ao \\
-  sc_unportable_grep_q"))
+  sc_readme_link_copying \\
+  sc_readme_link_install \\
+  sc_unportable_grep_q \\
+  sc_unsigned_char \\
+  sc_unsigned_int \\
+  sc_unsigned_long \\
+  sc_unsigned_short"))
               (substitute* "Makefile"
-                (("sc_check_(sym_list|copyright)" rule)
+                (("sc_check_(sym_list|copyright|config_h_reminder)" rule)
                  (string-append "disabled_check_" rule))
                 (("sc_cpp_indent_check")
                  "disabled_cpp_indent_check")
                 (("sc_prefer_ac_check_funcs_once")
                  "disabled_prefer_ac_check_funcs_once")
-                (("sc_prohibit_(AC_LIBOBJ_in_m4|leading_TABs)" rule)
+                (("sc_prohibit_(AC_LIBOBJ_in_m4|leading_TABs\
+|sc_omitted_at)" rule)
                  (string-append "disabled_prohibit_" rule)))))
           (add-before 'check 'regenerate-unicode
             (lambda* (#:key inputs #:allow-other-keys)
@@ -939,7 +958,8 @@ (define*-public (gnulib-checkout #:key
                              (sha256
                               (base32
                                "0k6wyijyzdl5g3nibcwfm898kfydx1pqaz28v7fdvnzdvd5fz7lh"))))
-                        (find-ucd-files "EastAsianWidth.txt"
+                        (find-ucd-files "BidiMirroring.txt"
+                                        "EastAsianWidth.txt"
                                         "LineBreak.txt"
                                         "auxiliary/WordBreakProperty.txt"
                                         "auxiliary/GraphemeBreakProperty.txt"
@@ -962,22 +982,9 @@ (define*-public (gnulib-checkout #:key
                    ("NormalizationTest.txt" . "uninorm")
                    ("auxiliary/GraphemeBreakTest.txt" . "unigbrk")
                    ("auxiliary/WordBreakTest.txt" . "uniwbrk")))
-                (delete-file "gen-uni-tables"))))
-          (add-after 'install 'restore-shebangs
-            (lambda _
-              (substitute* (find-files
-                            (string-append #$output "/src/gnulib")
-                            (lambda (fname stat)
-                              (and (not (string-suffix? "/lib/javaversion.class" fname))
-                                   (not (string-suffix? ".mo" fname)))))
-                (("^#! ?(.*)/bin/sh" _ prefix)
-                 "#!/bin/sh")
-                (("^#! ?(.*)/bin/python3" _ prefix)
-                 "#!/usr/bin/env python3")
-                (("^#! ?(.*)/bin/([a-zA-Z0-9-]+)" _ prefix program)
-                 (string-append "#!/usr/bin/" program))))))))
+                (delete-file "gen-uni-tables")))))))
     (inputs
-     (list bash-minimal))                         ;shebang for gnulib-tool
+     (list bash-minimal)) ;shebang for gnulib-tool
     (native-inputs
      (list
       bash-minimal python perl clisp
@@ -1005,9 +1012,9 @@ (define*-public (gnulib-checkout #:key
 
 (define-public gnulib
   (gnulib-checkout
-   #:version "2022-12-31"
-   #:commit "875461ffdf58ac04677957b4ae4160465b83b940"
-   #:hash (base32 "0bf7a6wdns9c5wwv60qfcn9llg0j6jz5ryd2qgsqqx2i6xkmp77c")))
+   #:version "2024-05-30"
+   #:commit "ac4b301ae15223c98b51cd5a0eda2e2cf57c817b"
+   #:hash (base32 "0f4w56fc97clg13mmdghx84dh9xqmaqr3j672ppfh3h66gmmmvzs")))
 
 (define-public pdpmake
   (package
diff --git a/gnu/packages/patches/gnulib-bootstrap.patch b/gnu/packages/patches/gnulib-bootstrap.patch
new file mode 100644
index 0000000000..c0c9a5e732
--- /dev/null
+++ b/gnu/packages/patches/gnulib-bootstrap.patch
@@ -0,0 +1,75 @@
+From adbf7ce2c2b03ce5ee25d4c68f9bb247b0dcbc2b Mon Sep 17 00:00:00 2001
+From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
+Date: Thu, 30 May 2024 14:48:04 -0400
+Subject: [PATCH] bootstrap: Use gnulib-tool from PATH if available.
+
+Some distributions such as GNU Guix include in their package for
+gnulib a 'gnulib-tool' command under their $bindir
+prefix (e.g. '/bin') for users to use, along the unmodified full
+sources.  The idea is that any wrapping or distribution modifications
+for the *execution* of the script at run time is done on these
+commands, while the rest of the source should be in their
+pristine (unmodified) version.  Adjust the 'gnulib-tool' discovery
+mechanism to support such installation layout.
+
+* build-aux/bootstrap (autogen) <gnulib_tool>: Prefer to use from
+PATH, else from $GNULIB_SRCDIR/../../bin/gnulib-tool, else from
+$GNULIB_SRCDIR/gnulib-tool.
+* gnulib-tool.sh (func_gnulib_dir): Honor GNULIB_SRCDIR to locate
+gnulib's main directory.
+---
+ build-aux/bootstrap | 11 +++++++++--
+ gnulib-tool.sh      |  6 +++++-
+ 2 files changed, 14 insertions(+), 3 deletions(-)
+
+diff --git a/build-aux/bootstrap b/build-aux/bootstrap
+index 6295b8a128..06271eea8b 100755
+--- a/build-aux/bootstrap
++++ b/build-aux/bootstrap
+@@ -3,7 +3,7 @@
+ 
+ # Bootstrap this package from checked-out sources.
+ 
+-scriptversion=2024-04-13.15; # UTC
++scriptversion=2024-05-30.20; # UTC
+ 
+ # Copyright (C) 2003-2024 Free Software Foundation, Inc.
+ #
+@@ -1164,7 +1164,14 @@ autogen()
+   fi
+ 
+   if $use_gnulib; then
+-    gnulib_tool=$GNULIB_SRCDIR/gnulib-tool
++    gnulib_tool=$(command -v gnulib-tool)
++    if test -x "$gnulib_tool"; then
++      :                         # done
++    elif test -x $GNULIB_SRCDIR/../../bin/gnulib-tool; then
++      gnulib_tool=$GNULIB_SRCDIR/../../bin/gnulib-tool
++    else
++      gnulib_tool=$GNULIB_SRCDIR/gnulib-tool
++    fi
+     <$gnulib_tool || return
+   fi
+ 
+diff --git a/gnulib-tool.sh b/gnulib-tool.sh
+index 12f0b82461..0aefbe2b2b 100755
+--- a/gnulib-tool.sh
++++ b/gnulib-tool.sh
+@@ -518,7 +518,11 @@ func_gnulib_dir ()
+       * ) self_abspathname=`echo "$self_abspathname" | sed -e 's,/[^/]*$,,'`/"$linkval" ;;
+     esac
+   done
+-  gnulib_dir=`echo "$self_abspathname" | sed -e 's,/[^/]*$,,'`
++  if test -n "$GNULIB_SRCDIR"; then
++    gnulib_dir=$GNULIB_SRCDIR
++  else
++    gnulib_dir=`echo "$self_abspathname" | sed -e 's,/[^/]*$,,'`
++  fi
+ }
+ 
+ # func_tmpdir
+
+base-commit: ac4b301ae15223c98b51cd5a0eda2e2cf57c817b
+-- 
+2.41.0
+
-- 
2.45.1





From debbugs-submit-bounces@debbugs.gnu.org Wed Jun 05 20:51:18 2024
Received: (at 47144) by debbugs.gnu.org; 6 Jun 2024 00:51:18 +0000
Received: from localhost ([127.0.0.1]:52133 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sF1La-0003ld-7U
	for submit@debbugs.gnu.org; Wed, 05 Jun 2024 20:51:18 -0400
Received: from mail-qv1-f52.google.com ([209.85.219.52]:43122)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sF1LY-0003lK-NF
 for 47144@debbugs.gnu.org; Wed, 05 Jun 2024 20:51:17 -0400
Received: by mail-qv1-f52.google.com with SMTP id
 6a1803df08f44-6af4fcb45ccso12592716d6.0
 for <47144@debbugs.gnu.org>; Wed, 05 Jun 2024 17:51:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717634997; x=1718239797; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:user-agent:message-id:date
 :references:in-reply-to:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=Hm93P/zYQRFDhFm8vK9C1J7LKvtS01MgqAg+JIcdLj8=;
 b=C9ImgxI79mDTifCHSDc0G+YCm4osHRsiZsb7EO8fyZYKqrLY52I/RhkMur1GV8IlU4
 KzkgJRkI3PEd7Jtlrv9Jk+jvlzGV+tkZPhBaH8Sl/vIN0iswcmIrL1q0n9LBOZGJ7kHh
 BpLON/yjL4TV96uUmb4J4kwgrwCSq7/GQfToxzdRNQQZIhII4nYTT+lBv9DuYBLCAS0h
 yFuyfJltUk3duVltw9nUnxlNAQiXCxidmQ/d/ATnmoHpTv/cB/boA/se3aUF7uj9yzWk
 P69IVbyeFmQZ6yeZvxIIFJZrndu0nZvXFyzLIYsR1N91OyM2l59i1AoRU6Fv1CIxbO28
 qHYw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717634997; x=1718239797;
 h=content-transfer-encoding:mime-version:user-agent:message-id:date
 :references:in-reply-to:subject:cc:to:from:x-gm-message-state:from
 :to:cc:subject:date:message-id:reply-to;
 bh=Hm93P/zYQRFDhFm8vK9C1J7LKvtS01MgqAg+JIcdLj8=;
 b=Otu5bqcLVp30jNc/E+ru1LaqSMs0yZPF7tHi7P50kobsBO1kfPTZ0xxnSVjm21bs6g
 g9x+oITo8astN2Ok80BKzcIOIP6ZJoYEOfYeVzME4WuHWvjm8KBUtmTDhCrA+7bpfBbQ
 X+Zk1yd/3v4jQ7+64UbGXCZdcljFtKT19g/nTrGtJR9F59rzixJw5zdzbmzIR5kVbRqW
 cYjn/q8hNlwXbciy0UXo90X/RuDslUWZiB3CC43YlugCm81A56de9KQjjf58WE2DuXsY
 19BpyJ6GkdFqCiGP0V+sWTl+FlgcpXLpnMoQI4iU8w4DHhTPSF78NBeYQgIpEDje/jLh
 9L2Q==
X-Forwarded-Encrypted: i=1;
 AJvYcCXbROoQhRk7zrp2mDM/2RQwtYZDJuvc5EJv7HyZbKZaR1+eU93+h6j1TOKYMRdObB4dqRuE9BYDCAV64ZXxIcljvapk22U=
X-Gm-Message-State: AOJu0YxOt61QFg1Rk/sAbIfBt+GLWp591/8W79XjQASfB4LQqRsL3nLc
 jl2MbMZ42FmkvPfxwRto87+yXoLsa2aSipcGBtlp3pB2vbCRULXK
X-Google-Smtp-Source: AGHT+IHMBmqycDA+mbARCh3Rkz+ldPiVsZKrq2eRIQ8ELk5yEp/750bVzJBOvpH6DIbFPwDyIXxKWg==
X-Received: by 2002:a05:6214:1cc6:b0:6ad:84aa:2956 with SMTP id
 6a1803df08f44-6b04c00aedfmr24434926d6.13.1717634996661; 
 Wed, 05 Jun 2024 17:49:56 -0700 (PDT)
Received: from hurd (dsl-10-133-150.b2b2c.ca. [72.10.133.150])
 by smtp.gmail.com with ESMTPSA id
 6a1803df08f44-6b04f712e00sm1136106d6.61.2024.06.05.17.49.55
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 05 Jun 2024 17:49:56 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: Simon Tournier <zimon.toutoune@gmail.com>
Subject: Re: bug#47144: security patching of 'patch' package
In-Reply-To: <87a5jznxtz.fsf@gmail.com> (Simon Tournier's message of "Wed, 05
 Jun 2024 18:44:40 +0200")
References: <28b457771ab0e7ad87cb65600a5898f68be5074a.1717124361.git.maxim.cournoyer@gmail.com>
 <5eda21a09360653b198f1b0d7f52cf531dc97485.1717124361.git.maxim.cournoyer@gmail.com>
 <87r0dgn36w.fsf@gnu.org> <875xusln8m.fsf@gmail.com>
 <878qzj74vc.fsf_-_@gnu.org> <87a5jznxtz.fsf@gmail.com>
Date: Wed, 05 Jun 2024 20:49:54 -0400
Message-ID: <87ikym3nf1.fsf@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Mark H Weaver <mhw@netris.org>,
 Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@gnu.org>,
 Leo Famulari <leo@famulari.name>, Vivien Kraus <vivien@planete-kraus.eu>,
 47144@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi Simon,

Simon Tournier <zimon.toutoune@gmail.com> writes:

> Hi,
>
> On Wed, 05 Jun 2024 at 18:04, Ludovic Court=C3=A8s <ludo@gnu.org> wrote:
>
>> What about renaming =E2=80=98patch=E2=80=99 to =E2=80=98patch/pinned=E2=
=80=99 and having =E2=80=98patch=E2=80=99 point
>> to the new version?
>>
>> Internally, we=E2=80=99d refer to =E2=80=98patch/pinned=E2=80=99 in (gui=
x packages), but user
>> code etc. would refer to =E2=80=98patch=E2=80=99 and thus get the latest=
 version.
>
> I agree; it appears to me =E2=80=9Csafer=E2=80=9D than the graft.
>
> However, the cost is to identify which package needs =E2=80=99patch/pinne=
d=E2=80=99 and
> which needs new =E2=80=99patch=E2=80=99.  Then once upstream Patch upgrad=
es, there is
> also the question to unpin all the packages.

Indeed.  It'll be easy though to grep for 'patch/pinned', which are far
and few in between, compared to grepping for 'patch'...  I've
implemented Ludovic's suggestion in v4, before I actually read this
reply of yours... I think it's OK; it goes a bit further than
'patch-latest' to protect users in case they refer to the 'patch'
package variable directly.

--=20
Thanks,
Maxim




From debbugs-submit-bounces@debbugs.gnu.org Wed Jun 05 20:56:08 2024
Received: (at 47144) by debbugs.gnu.org; 6 Jun 2024 00:56:08 +0000
Received: from localhost ([127.0.0.1]:52472 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sF1QF-0003zu-G8
	for submit@debbugs.gnu.org; Wed, 05 Jun 2024 20:56:08 -0400
Received: from mail-qt1-f173.google.com ([209.85.160.173]:53397)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sF1QC-0003z6-Pf
 for 47144@debbugs.gnu.org; Wed, 05 Jun 2024 20:56:06 -0400
Received: by mail-qt1-f173.google.com with SMTP id
 d75a77b69052e-44028fc3d22so1475501cf.2
 for <47144@debbugs.gnu.org>; Wed, 05 Jun 2024 17:55:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1717635284; x=1718240084; darn=debbugs.gnu.org;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=Pk8ZklKWjqc61fOHxOdGL+G67JvDaCfDZtYXTK4D5Fc=;
 b=TL9D7gXAMnBRhhL2Kru1Onk42ZCMEG71xP+ecjN/qjhFzJKObQXaPdcXZTP+Y2FP1K
 ib4kTZaVCoWsa8Y1TA8EagmMZe3QFiUVGPkw/wdZUME5PjKr40X/zNLsxT6Z48uErlbl
 em1QSZh909UBRCbGwXUTLlHNWXqgWhAFXbqqOvzW6tfnXOH1WpMabS5P0ykuxQK/iZBh
 cIbVNHXrcow2OVBdgUMcnSNcr8134PwJxyZXRRenvaso4NgK+itR7eZal3Z91zB1E0Vr
 7cClde93Nt4dJy7Q3ULZXvT32BsvF5mUqZ7R8Gb6uOlxfrAKqsPtgZ/wVABByTXdp2xZ
 Y7Nw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1717635284; x=1718240084;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=Pk8ZklKWjqc61fOHxOdGL+G67JvDaCfDZtYXTK4D5Fc=;
 b=M5T4Y6vlHNsPjGh2oxU9xmPrLmqNO3cYpcqMUU8DsXAFLeoH29S6+ERWop4yhg6Ukt
 prb0OyCaJih9AkpUezs4f9p/0tqcfcYZOQxOwJ8lraENoi1abOE5o065E6I1Up5lftFA
 2u5Gg2n5z2qmvP6qBrxoyDedFH0mTnIOfRojPnE+bFfEXcvTGZcfs1h1+PnCcInCOh98
 I/WHUx0Ed2ALKimsohVCV/Feb/WnOyF2pEk5o7W8HlZDzmqoqMHPII6CC1Mm5DxFOeI+
 EGZht2F47cqzh3mqPCFj30G9FgIya9CJsRlrGRXSNhmXrUBo/0BJwIiR3n9j7bXAyWZr
 eFpQ==
X-Gm-Message-State: AOJu0YwS0vGjMSjfeQM9N7P2Jf86PzQzHjVIOcCyPZLZ/VntrSn4hVDu
 o2N4Cj2VbtPWmUoH4P+FwUjvbgW6d5oaqgaUf6l+u+CHuwcFA21y9yx79+gW
X-Google-Smtp-Source: AGHT+IFKYlTCLT/Yxly3CNZh3Z17P5dwdD4WPla8cOHN8pSFXGR8hyZcaDFioBQ2L1odKK5xUXkq1g==
X-Received: by 2002:a05:620a:c44:b0:792:9662:9473 with SMTP id
 af79cd13be357-79523d3f3d8mr483324885a.14.1717634799008; 
 Wed, 05 Jun 2024 17:46:39 -0700 (PDT)
Received: from localhost.localdomain (dsl-10-133-150.b2b2c.ca. [72.10.133.150])
 by smtp.gmail.com with ESMTPSA id
 af79cd13be357-795332df9b0sm8751085a.126.2024.06.05.17.46.38
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 05 Jun 2024 17:46:38 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: 47144@debbugs.gnu.org
Subject: [PATCH v4 3/3] gnu: patch: Update to latest commit [security fixes].
Date: Wed,  5 Jun 2024 20:46:21 -0400
Message-ID: <7663177c58ca72f54b6c715561701952b35910ec.1717634752.git.maxim.cournoyer@gmail.com>
X-Mailer: git-send-email 2.45.1
In-Reply-To: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717634752.git.maxim.cournoyer@gmail.com>
References: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717634752.git.maxim.cournoyer@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
X-Debbugs-Cc: Mark H Weaver <mhw@netris.org>, Ludovic Courtès <ludo@gnu.org>, Léo Le Bouter <lle-bout@zaclys.net>, Leo Famulari <leo@famulari.name>, Maxim Cournoyer <maxim.cournoyer@gmail.com>, Simon Tournier <zimon.toutoune@gmail.com>, Christopher Baines <guix@cbaines.net>, Efraim Flashner <efraim@flashner.co.il>, Ekaitz Zarraga <ekaitz@elenq.tech>, Guillaume Le Vaillant <glv@posteo.net>, Josselin Poiret <dev@jpoiret.xyz>, Katherine Cox-Buday <cox.katherine.e+guix@gmail.com>, Mathieu Othacehe <othacehe@gnu.org>, Munyoki Kilyungi <me@bonfacemunyoki.com>, Ricardo Wurmus <rekado@elephly.net>, Sharlatan Hellseher <sharlatanus@gmail.com>, Tobias Geerinckx-Rice <me@tobias.gr>, jgart <jgart@dismail.de>
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47144
Cc: Mark H Weaver <mhw@netris.org>, Maxim Cournoyer <maxim.cournoyer@gmail.com>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

* gnu/packages/base.scm (patch): Rename to...
(patch/pinned): ... this.  Hide package.
(patch): New variable.
* gnu/packages/commencement.scm (patch-mesboot): Inherit from patch/pinned.
(patch-boot0): Likewise.
(%final-inputs): Replace patch with patch/pinned.
* gnu/packages/lisp.scm (cl-asdf): Likewise.
* guix/packages.scm (%standard-patch-inputs): Replace patch with patch/pinned.

Fixes: https://issues.guix.gnu.org/47144
Reported-by: Mark H Weaver <mhw@netris.org>
Change-Id: I54ae41b735f5ba0ebad30ebdfaabe0ccdc3f9873
---

Changes in v4:
 - Use a hidden patch/pinned and patch variables instead of a graft

Changes in v3:
 - Do not use inheritance for patch/fixed origin

Changes in v2:
 - Use same version to have the same store length, a graft requirement
 - Copy the gnulib source in a phase to avoid introducing a dependency cycle

 gnu/packages/base.scm         | 102 +++++++++++++++++++++++++---------
 gnu/packages/commencement.scm |   8 +--
 gnu/packages/lisp.scm         |   2 +-
 guix/packages.scm             |   2 +-
 4 files changed, 82 insertions(+), 32 deletions(-)

diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index bbe5b8cf57..66c5b7d237 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -19,7 +19,7 @@
 ;;; Copyright © 2021 Leo Le Bouter <lle-bout@zaclys.net>
 ;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
 ;;; Copyright © 2021 Guillaume Le Vaillant <glv@posteo.net>
-;;; Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Copyright © 2021, 2024 Maxim Cournoyer <maxim.cournoyer@gmail.com>
 ;;; Copyright © 2022 zamfofex <zamfofex@twdb.moe>
 ;;; Copyright © 2022 John Kehayias <john.kehayias@protonmail.com>
 ;;; Copyright © 2023 Josselin Poiret <dev@jpoiret.xyz>
@@ -46,8 +46,10 @@ (define-module (gnu packages base)
   #:use-module (gnu packages acl)
   #:use-module (gnu packages algebra)
   #:use-module (gnu packages attr)
+  #:use-module (gnu packages autotools)
   #:use-module (gnu packages bash)
   #:use-module (gnu packages bison)
+  #:use-module (gnu packages build-tools)
   #:use-module (gnu packages gcc)
   #:use-module (gnu packages guile)
   #:use-module (gnu packages multiprecision)
@@ -261,35 +263,83 @@ (define-public tar
    (license gpl3+)
    (home-page "https://www.gnu.org/software/tar/")))
 
-(define-public patch
-  (package
-    (name "patch")
-    (version "2.7.6")
-    (source (origin
-              (method url-fetch)
-              (uri (string-append "mirror://gnu/patch/patch-"
-                                  version ".tar.xz"))
-              (sha256
-               (base32
-                "1zfqy4rdcy279vwn2z1kbv19dcfw25d2aqy9nzvdkq5bjzd0nqdc"))
-              (patches (search-patches "patch-hurd-path-max.patch"))))
-    (build-system gnu-build-system)
-    (arguments
-     ;; Work around a cross-compilation bug whereby libpatch.a would provide
-     ;; '__mktime_internal', which conflicts with the one in libc.a.
-     (if (%current-target-system)
-         `(#:configure-flags '("gl_cv_func_working_mktime=yes"))
-         '()))
-    (native-inputs (list ed))
-    (synopsis "Apply differences to originals, with optional backups")
-    (description
-     "Patch is a program that applies changes to files based on differences
+;;; TODO: Replace/merge with 'patch' on core-updates.
+(define-public patch/pinned
+  (hidden-package
+   (package
+     (name "patch")
+     (version "2.7.6")
+     (source (origin
+               (method url-fetch)
+               (uri (string-append "mirror://gnu/patch/patch-"
+                                   version ".tar.xz"))
+               (sha256
+                (base32
+                 "1zfqy4rdcy279vwn2z1kbv19dcfw25d2aqy9nzvdkq5bjzd0nqdc"))
+               (patches (search-patches "patch-hurd-path-max.patch"))))
+     (build-system gnu-build-system)
+     (arguments
+      ;; Work around a cross-compilation bug whereby libpatch.a would provide
+      ;; '__mktime_internal', which conflicts with the one in libc.a.
+      (if (%current-target-system)
+          `(#:configure-flags '("gl_cv_func_working_mktime=yes"))
+          '()))
+     (native-inputs (list ed))
+     (synopsis "Apply differences to originals, with optional backups")
+     (description
+      "Patch is a program that applies changes to files based on differences
 laid out as by the program \"diff\".  The changes may be applied to one or more
 files depending on the contents of the diff file.  It accepts several
 different diff formats.  It may also be used to revert previously applied
 differences.")
-    (license gpl3+)
-    (home-page "https://savannah.gnu.org/projects/patch/")))
+     (license gpl3+)
+     (home-page "https://savannah.gnu.org/projects/patch/"))))
+
+(define-public patch
+  ;; The latest release is from 2018, and lacks multiple security related
+  ;; patches.  Since Fedora carries 23 patches, simply use the latest commit
+  ;; until a proper release is made.
+  (let ((revision "0")
+        (commit "f144b35425d9d7732ea5485034c1a6b7a106ab92")
+        (base patch/pinned))
+    (package
+      (inherit base)
+      (name "patch")
+      (version (git-version "2.7.6" revision commit))
+      (source (origin
+                (method git-fetch)
+                (uri (git-reference
+                      (url "https://git.savannah.gnu.org/git/patch.git")
+                      (commit commit)))
+                (file-name (git-file-name name version))
+                (sha256
+                 (base32
+                  "1bk38169c0xh01b0q0zmnrjqz8k9byz3arp4q7q66sn6xwf94nvz"))
+                (patches (search-patches "patch-hurd-path-max.patch"))))
+      (arguments
+       (substitute-keyword-arguments (package-arguments base)
+         ((#:phases phases '%standard-phases)
+          #~(modify-phases #$phases
+              (add-after 'unpack 'copy-gnulib-sources
+                (lambda _
+                  ;; XXX: We copy the source instead of using 'gnulib' as a
+                  ;; native input to avoid introducing a dependency cycle.
+                  (copy-recursively #+gnulib "gnulib")
+                  (setenv "GNULIB_SRCDIR"
+                          (string-append (getcwd) "/gnulib/src/gnulib"))))
+              (add-after 'copy-gnulib-sources 'update-bootstrap-script
+                (lambda _
+                  (copy-file "gnulib/src/gnulib/build-aux/bootstrap"
+                             "bootstrap")))
+              (add-after 'unpack 'patch-configure.ac
+                (lambda _
+                  (substitute* "configure.ac"
+                    ;; The gnulib-provided git-version-gen script has a plain
+                    ;; shebang of #!/bin/sh; avoid using it.
+                    (("build-aux/git-version-gen" all)
+                     (string-append "sh " all)))))))))
+      (native-inputs (list autoconf automake bison ed))
+      (properties '()))))
 
 (define-public diffutils
   (package
diff --git a/gnu/packages/commencement.scm b/gnu/packages/commencement.scm
index b4d236c35b..0433059493 100644
--- a/gnu/packages/commencement.scm
+++ b/gnu/packages/commencement.scm
@@ -878,7 +878,7 @@ (define tcc-boot
 (define patch-mesboot
   ;; The initial patch.
   (package
-    (inherit patch)
+    (inherit patch/pinned)
     (name "patch-mesboot")
     (version "2.5.9")
     (source (origin
@@ -2167,8 +2167,8 @@ (define gawk-boot0
 
 (define patch-boot0
   (package
-    (inherit patch)
-    (source (bootstrap-origin (package-source patch)))
+    (inherit patch/pinned)
+    (source (bootstrap-origin (package-source patch/pinned)))
     (name "patch-boot0")
     (native-inputs '())
     (inputs
@@ -3482,7 +3482,7 @@ (define-public %final-inputs
                    ("bzip2" ,bzip2)
                    ("file" ,file)
                    ("diffutils" ,diffutils)
-                   ("patch" ,patch)
+                   ("patch" ,patch/pinned)
                    ("findutils" ,findutils)
                    ("gawk" ,gawk)))
           ("sed" ,sed-final)
diff --git a/gnu/packages/lisp.scm b/gnu/packages/lisp.scm
index 6bf93d83c7..6f3bd126cc 100644
--- a/gnu/packages/lisp.scm
+++ b/gnu/packages/lisp.scm
@@ -121,7 +121,7 @@ (define-public cl-asdf
     (build-system trivial-build-system)
     (native-inputs
      `(("config-patch" ,@(search-patches "cl-asdf-config-directories.patch"))
-       ("patch" ,patch)))
+       ("patch" ,patch/pinned)))
     (arguments
      `(#:modules ((guix build utils)
                   (guix build lisp-utils))
diff --git a/guix/packages.scm b/guix/packages.scm
index abe89cdb07..f3a9a61785 100644
--- a/guix/packages.scm
+++ b/guix/packages.scm
@@ -899,7 +899,7 @@ (define (%standard-patch-inputs system)
       ("gzip"  ,(ref '(gnu packages compression) 'gzip))
       ("lzip"  ,(ref '(gnu packages compression) 'lzip))
       ("unzip" ,(ref '(gnu packages compression) 'unzip))
-      ("patch" ,(ref '(gnu packages base) 'patch))
+      ("patch" ,(ref '(gnu packages base) 'patch/pinned))
       ("locales"
        ,(parameterize ((%current-target-system #f)
                        (%current-system system))
-- 
2.45.1





From debbugs-submit-bounces@debbugs.gnu.org Mon Jun 24 01:16:27 2024
Received: (at 47144-done) by debbugs.gnu.org; 24 Jun 2024 05:16:27 +0000
Received: from localhost ([127.0.0.1]:39684 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1sLc42-0005K8-MX
	for submit@debbugs.gnu.org; Mon, 24 Jun 2024 01:16:27 -0400
Received: from mail-qk1-f173.google.com ([209.85.222.173]:43472)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1sLbZX-0003tV-D3
 for 47144-done@debbugs.gnu.org; Mon, 24 Jun 2024 00:44:56 -0400
Received: by mail-qk1-f173.google.com with SMTP id
 af79cd13be357-79bc769b014so277952085a.1
 for <47144-done@debbugs.gnu.org>; Sun, 23 Jun 2024 21:44:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1719204229; x=1719809029; darn=debbugs.gnu.org;
 h=mime-version:message-id:date:user-agent:references:in-reply-to
 :subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=kyKpmt9HOAdJx5rAYeaAZSnkhAxAr3foEK9wYNZK8Do=;
 b=UdPjMMAkjTpIOj4KUy9JC4JEfMcNJ0ys6S7/H83q9NK2Djwc308g/yDiYnhBj+6Lxc
 rLvhHT14RUZbDE+qvfKOUZ1MM2IVMSO2QeNGaJkjr8k9kIfB1zzGFTfG4M3ML0lpQaWw
 KJeuA4miEBqBFjJPAv+K/jSxlc8NW/+jpkuc3iqf0heZwjWxYU6S5ry0yiBlBek19VDo
 rXbPSu/NkxQCx293rP9gFGNklGXPo9LEPhcVkgX8Wr7ATms4X+qSkL4ATsLBRhTY4XF8
 DlsoFo1DjjiIlpeV971x/Md8OFW5tfP9dEJ4VOHAh7j89WgoTrY9fZYZ7dzIjK2uocVX
 5qdA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1719204229; x=1719809029;
 h=mime-version:message-id:date:user-agent:references:in-reply-to
 :subject:cc:to:from:x-gm-message-state:from:to:cc:subject:date
 :message-id:reply-to;
 bh=kyKpmt9HOAdJx5rAYeaAZSnkhAxAr3foEK9wYNZK8Do=;
 b=toWDJxIZHK4G84AvzL2M3wwYoiuzPfA1byCGk47fD3N7Hih2PYaNH1KlSaefhB82DN
 lFoJMV1+ckxZ1thKUHWciAorlsBNM+MQsueJ69xghmZgf5PigIPc3b9wjLFrKyHZ2UfC
 80AA/rR6a03c+jUGrNWFPeYMjjIaKd9mvItpxWDbxZnZmgdBfuJTaBjijxeFYIIejOZo
 DGD3KeWD/usOhDOg2ItLcmhzrVi1nW4gH5NMesOE4bzdc+jYkrieI5AFfZdqbbXcM/18
 jUe0Nz/pWQWvd/rs6IKZ5MBvjeXww4x+u1Ia+5sjmvAW0LU54DdDzIi43y3X8KR1F9Sk
 lMog==
X-Gm-Message-State: AOJu0YxBxGC5zSkblSEBIP3MuSs5XYuypHLn5amGahZV8suNg9VlNI5w
 6HBPQR567JYUq0U7VveQT6iH41Abq45lo72g5l7rgc21cjzyjwz1
X-Google-Smtp-Source: AGHT+IHX1ZY3RLv/V34gwNjNaMpnpsT15+yUGH/4xi08rRJzQdn/iFFD9NaFKHm5AWLRhJbPhzK6zw==
X-Received: by 2002:a05:620a:4503:b0:795:be11:c626 with SMTP id
 af79cd13be357-79bded4d5f0mr755515585a.26.1719204228939; 
 Sun, 23 Jun 2024 21:43:48 -0700 (PDT)
Received: from hurd (dsl-205-233-124-241.b2b2c.ca. [205.233.124.241])
 by smtp.gmail.com with ESMTPSA id
 af79cd13be357-79bce942edasm280838585a.128.2024.06.23.21.43.46
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sun, 23 Jun 2024 21:43:48 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
To: 47144-done@debbugs.gnu.org
Subject: Re: bug#47144: security patching of 'patch' package
In-Reply-To: <7663177c58ca72f54b6c715561701952b35910ec.1717634752.git.maxim.cournoyer@gmail.com>
 (Maxim Cournoyer's message of "Wed, 5 Jun 2024 20:46:21 -0400")
References: <a3641c8501b839cb4490edca279bf15a8141b8ea.1717634752.git.maxim.cournoyer@gmail.com>
 <7663177c58ca72f54b6c715561701952b35910ec.1717634752.git.maxim.cournoyer@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13)
Date: Mon, 24 Jun 2024 00:43:46 -0400
Message-ID: <87cyo70x31.fsf_-_@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: 3.0 (+++)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview:  Hi,
 Maxim Cournoyer writes: > * gnu/packages/base.scm (patch):
 Rename to... > (patch/pinned): ... this. Hide package. > (patch): New
 variable.
 > * gnu/packages/commencement.scm (patch-mesboot): Inherit from patch/pinned.
 > (patc [...] 
 Content analysis details:   (3.0 points, 10.0 required)
 pts rule name              description
 ---- ---------------------- --------------------------------------------------
 3.0 MANY_TO_CC             Sent to 10+ recipients
 -0.0 SPF_PASS               SPF: sender matches SPF record
 0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail
 provider (maxim.cournoyer[at]gmail.com)
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 -0.0 RCVD_IN_MSPIKE_H2      RBL: Average reputation (+2)
 [209.85.222.173 listed in wl.mailspike.net]
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at https://www.dnswl.org/,
 no trust [209.85.222.173 listed in list.dnswl.org]
 -0.0 T_SCC_BODY_TEXT_LINE   No description available.
X-Debbugs-Envelope-To: 47144-done
X-Mailman-Approved-At: Mon, 24 Jun 2024 01:16:20 -0400
Cc: Josselin Poiret <dev@jpoiret.xyz>, Tobias Geerinckx-Rice <me@tobias.gr>,
 Sharlatan Hellseher <sharlatanus@gmail.com>,
 Ekaitz Zarraga <ekaitz@elenq.tech>, Simon Tournier <zimon.toutoune@gmail.com>,
 Guillaume Le Vaillant <glv@posteo.net>, Mark H Weaver <mhw@netris.org>,
 Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@gnu.org>,
 Katherine Cox-Buday <cox.katherine.e+guix@gmail.com>,
 Efraim Flashner <efraim@flashner.co.il>, Leo Famulari <leo@famulari.name>,
 Ricardo Wurmus <rekado@elephly.net>, Munyoki Kilyungi <me@bonfacemunyoki.com>,
 jgart <jgart@dismail.de>, Mathieu Othacehe <othacehe@gnu.org>,
 Christopher Baines <guix@cbaines.net>,
 =?utf-8?Q?L=C3=A9o?= Le Bouter <lle-bout@zaclys.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 2.0 (++)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 
 Content preview:  Hi, Maxim Cournoyer writes: > * gnu/packages/base.scm (patch):
    Rename to... > (patch/pinned): ... this. Hide package. > (patch): New variable.
    > * gnu/packages/commencement.scm (patch-mesboot): Inherit from patch/pinned.
    > (patc [...] 
 
 Content analysis details:   (2.0 points, 10.0 required)
 
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  3.0 MANY_TO_CC             Sent to 10+ recipients
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at https://www.dnswl.org/,
                              no trust
                             [209.85.222.173 listed in list.dnswl.org]
 -0.0 RCVD_IN_MSPIKE_H2      RBL: Average reputation (+2)
                             [209.85.222.173 listed in wl.mailspike.net]
 -0.0 SPF_PASS               SPF: sender matches SPF record
  0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail
                             provider (maxim.cournoyer[at]gmail.com)
  0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 -0.0 T_SCC_BODY_TEXT_LINE   No description available.
 -1.0 MAILING_LIST_MULTI     Multiple indicators imply a widely-seen list
                             manager

Hi,

Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

> * gnu/packages/base.scm (patch): Rename to...
> (patch/pinned): ... this.  Hide package.
> (patch): New variable.
> * gnu/packages/commencement.scm (patch-mesboot): Inherit from patch/pinned.
> (patch-boot0): Likewise.
> (%final-inputs): Replace patch with patch/pinned.
> * gnu/packages/lisp.scm (cl-asdf): Likewise.
> * guix/packages.scm (%standard-patch-inputs): Replace patch with patch/pinned.
>
> Fixes: https://issues.guix.gnu.org/47144
> Reported-by: Mark H Weaver <mhw@netris.org>
> Change-Id: I54ae41b735f5ba0ebad30ebdfaabe0ccdc3f9873

Applied locally and will push shortly.

-- 
Thanks,
Maxim




From unknown Sat Jun 21 03:17:22 2025
Received: (at fakecontrol) by fakecontrolmessage;
To: internal_control@debbugs.gnu.org
From: Debbugs Internal Request <help-debbugs@gnu.org>
Subject: Internal Control
Message-Id: bug archived.
Date: Mon, 22 Jul 2024 11:24:18 +0000
User-Agent: Fakemail v42.6.9

# This is a fake control message.
#
# The action:
# bug archived.
thanks
# This fakemail brought to you by your local debbugs
# administrator