[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 01/68] gnu: Add flex-2.6.1.
From: |
Leo Famulari |
Subject: |
Re: [PATCH 01/68] gnu: Add flex-2.6.1. |
Date: |
Sat, 29 Oct 2016 16:40:55 -0400 |
User-agent: |
Mutt/1.7.1 (2016-10-04) |
On Sat, Oct 29, 2016 at 07:46:53PM +0100, Marius Bakke wrote:
> David Craven <address@hidden> writes:
>
> > * gnu/packages/flex.scm (flex-2.6.1): New variable.
>
> This is newer than what we currently have (2.6.0). I know it's late in
> the core-updates cycle, but maybe we can squeeze in a flex upgrade?
Unfortunately, changing flex will cause ~1500 rebuilds per architecture,
so I think we won't do it unless there is some very serious problem.
Also see commit eba7fab890f43 on core-updates, which fixes a bug
(CVE-2016-6354) that allow DOS and potentially arbitrary code execution
in code generated by flex.
Updating flex to the latest version should happen in the next
core-updates, or possibly in an earlier staging / security-updates
cycle.
signature.asc
Description: PGP signature
- [PATCH 62/68] gnu: kservice: Update to 5.27.0., (continued)
- [PATCH 62/68] gnu: kservice: Update to 5.27.0., David Craven, 2016/10/29
- [PATCH 61/68] gnu: krunner: Update to 5.27.0., David Craven, 2016/10/29
- [PATCH 63/68] gnu: ktexteditor: Update to 5.27.0., David Craven, 2016/10/29
- [PATCH 64/68] gnu: ktextwidgets: Update to 5.27.0., David Craven, 2016/10/29
- [PATCH 65/68] gnu: kwallet: Update to 5.27.0., David Craven, 2016/10/29
- [PATCH 66/68] gnu: kxmlgui: Update to 5.27.0., David Craven, 2016/10/29
- [PATCH 67/68] gnu: kxmlrpcclient: Update to 5.27.0., David Craven, 2016/10/29
- [PATCH 68/68] gnu: plasma-framework: Update to 5.27.0., David Craven, 2016/10/29
- Re: [PATCH 01/68] gnu: Add flex-2.6.1., Marius Bakke, 2016/10/29