[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] gnu: w3m: Switch to Debian's actively maintained fork of w3m
|
From: |
Eric Bavier |
|
Subject: |
Re: [PATCH] gnu: w3m: Switch to Debian's actively maintained fork of w3m. |
|
Date: |
Thu, 3 Nov 2016 22:17:18 -0500 |
On Thu, 03 Nov 2016 18:54:55 -0400
Kei Kebreau <address@hidden> wrote:
> From b837111e3ddf406a3b9235538f63af678e3ac741 Mon Sep 17 00:00:00 2001
> From: Kei Kebreau <address@hidden>
> Date: Thu, 3 Nov 2016 17:58:48 -0400
> Subject: [PATCH] gnu: w3m: Switch to Debian's actively maintained fork of w3m.
>
> Fixes some security issues seen here:
> <http://www.openwall.com/lists/oss-security/2016/11/03/3>
>
> * gnu/packages/patches/w3m-upstream-20120522.patch: New file.
> * gnu/packages/patches/w3m-debian-updates.patch: New file.
> * gnu/packages/w3m.scm (w3m): Switch to Debian's actively maintained
> fork of w3m.
> [source]: Use Debian's tarball and patches. Remove obsolete patches.
> [arguments]: Remove unnecessary modification of %standard-phases.
> * gnu/local.mk (dist_patch_DATA): Register new patches. Remove obsolete
> patches.
> ---
> gnu/local.mk | 6 +-
> gnu/packages/patches/w3m-debian-updates.patch | 28498
> +++++++++++++++++++
So theirs is the only actively maintained version of w3m and all they
can provide is a 28.5 thousand line patch? No VCS repository? There
must be some point at which it would be better for us to fetch the
patch in an origin rather than importing it into our repo.
> .../patches/w3m-disable-sslv2-and-sslv3.patch | 24 -
> .../patches/w3m-disable-weak-ciphers.patch | 24 -
> .../patches/w3m-force-ssl_verify_server-on.patch | 24 -
> gnu/packages/patches/w3m-libgc.patch | 28 -
> gnu/packages/patches/w3m-upstream-20120522.patch | 157 +
> gnu/packages/w3m.scm | 37 +-
> 8 files changed, 28668 insertions(+), 130 deletions(-)
> create mode 100644 gnu/packages/patches/w3m-debian-updates.patch
> delete mode 100644 gnu/packages/patches/w3m-disable-sslv2-and-sslv3.patch
> delete mode 100644 gnu/packages/patches/w3m-disable-weak-ciphers.patch
> delete mode 100644 gnu/packages/patches/w3m-force-ssl_verify_server-on.patch
> delete mode 100644 gnu/packages/patches/w3m-libgc.patch
> create mode 100644 gnu/packages/patches/w3m-upstream-20120522.patch
Please list the removed patches in the commit message.
`~Eric
pgpaR0_1iMbNn.pgp
Description: OpenPGP digital signature
- [PATCH] gnu: w3m: Switch to Debian's actively maintained fork of w3m., Kei Kebreau, 2016/11/03
- [PATCH] gnu: w3m: Switch to Debian's actively maintained fork of w3m., Kei Kebreau, 2016/11/03
- Re: [PATCH] gnu: w3m: Switch to Debian's actively maintained fork of w3m.,
Eric Bavier <=
- Re: [PATCH] gnu: w3m: Switch to Debian's actively maintained fork of w3m., Leo Famulari, 2016/11/04
- Re: [PATCH] gnu: w3m: Switch to Debian's actively maintained fork of w3m., Ludovic Courtès, 2016/11/04
- Re: [PATCH] gnu: w3m: Switch to Debian's actively maintained fork of w3m., Kei Kebreau, 2016/11/04
- Re: [PATCH] gnu: w3m: Switch to Debian's actively maintained fork of w3m., Kei Kebreau, 2016/11/04
- Re: [PATCH] gnu: w3m: Switch to Debian's actively maintained fork of w3m., Leo Famulari, 2016/11/04
- Re: [PATCH] gnu: w3m: Switch to Debian's actively maintained fork of w3m., Kei Kebreau, 2016/11/04
- Re: [PATCH] gnu: w3m: Switch to Debian's actively maintained fork of w3m., Leo Famulari, 2016/11/04
- Re: [PATCH] gnu: w3m: Switch to Debian's actively maintained fork of w3m., Kei Kebreau, 2016/11/04
- Re: [PATCH] gnu: w3m: Switch to Debian's actively maintained fork of w3m., Leo Famulari, 2016/11/04