bug#64982: Closing

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#64982: Closing

From:	Andreas Enge
Subject:	bug#64982: Closing
Date:	Thu, 7 Sep 2023 18:38:40 +0200

Hello Denis,

thanks for the patch! This was fixed in commit
commit 310b0f72d8749376832fa1f149837a83d8e74629
Author: Tobias Geerinckx-Rice <me@tobias.gr>
Date:   Sun Aug 13 02:00:00 2023 +0200
    gnu: libressl: Update to 3.7.3 [fixes CVE-2023-35784].
    Thanks to Dennis 'GNUtoo' Carikli for <https://issues.guix.gnu.org/64982>,
    but upgrading to 3.8.0 breaks (at least) OpenSMTPd.
    * gnu/packages/tls.scm (libressl): Update to 3.7.3.

Indeed QA shows that opensmtpd fails:
   https://qa.guix.gnu.org/issue/64982
   https://bordeaux.guix.gnu.org/build/16cbfca4-a0a3-4374-9ae4-6c1dad67494b/log

I am closing this bug, as updating libressl to the most recent version
is a different topic. Actually the 3.8.0 and 3.8.1 releases are called
"development releases" in the release notes:
   https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.8.0-relnotes.txt
   https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.8.1-relnotes.txt
while 3.7.3 does not have the "development" term:
   https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.7.3-relnotes.txt
so we may be better off sticking with 3.7.x for the moment.

Andreas

[Prev in Thread]

Current Thread

[Next in Thread]

bug#64982: Closing, Andreas Enge <=

Prev by Date: [bug#65807] [PATCH v2 5/9] gnu: libftdi: Build ftdi_eeprom.
Next by Date: [bug#65807] [PATCH v2 3/9] gnu: libftdi: Do not build example programs.
Previous by thread: [bug#35619] WIP version of postfix.scm
Next by thread: bug#64145: [PATCH] gnu: yggdrasil: Update to 0.4.7.
Index(es):
- Date
- Thread