On 03/06/2014 03:47 AM, Ken Moffat wrote: > On Wed, Mar 05, 2014 at 08:17:50PM -0600, Bruce Dubbs wrote: >> Ken Moffat wrote: >>> >>> For anyone who wasn't aware of this vulnerability (I suspect that >>> in this case I'm behind the curve, and you've probably all already >>> fixed your own affected systems), 3.2.12.1 builds with the current >>> instructions, and links to the book's current version of p11-kit. >>> The timings for make check and for rebuilding the docs are, however, >>> quite different on my machine. I'll put it in the book when svn is >>> open, >> >> The book is released. svn is open now. >> >> -- Bruce >> > Thanks. >> >> and then do a chroot gnome build to try to spot anything which >>> fails to build. > > Started a few minutes ago. Unfortunately, gnutls is near the end > of those desktop builds on which I use it (gnome, or normal+xfce), > so it is going to take some time. At least I've got through gcc > pass 1 with make -j4. > > This makes me understand why debian stable updates take so long : > test everything, get ready, get hit by a new vulnerability, rebuild > everything. At least the BLFS book, and my own builds using gnutls, > don't have so many packages as debian. > > BTW I haven't seen a release announcemnt yet, so I'll take this > opportunity to thank you for all the work you've put into 7.5. > > ĸen >
That's rather not correct. If a package a is dynamically linked to package b and package b gets updated to new version that doesn't have an ABI break (soname in b v1.2 is same as in b v1.0, ie libb.so.1), you *don't* need to recompile package a or anything else. In case of ABI break (b v1.4 has libb.so.2 and b v1.2 has libb.so.1), only the packages that link against libb.so.1 have to be recompiled against libb.so.2, NOTHING ELSE. In the gnutls case, you didn't need to recompile anything since there was no ABI break (there was, but it was reverted since it was not intentional). So even when you upgrade glibc from version 2.12 to version 2.19, you don't need to rebuild anything, since libc.so.6 in 2.19 still exports the same interfaces it did in 2.12 and also some aditional ones that got introduced later, but they are not important since they are not used by the software compiled against 2.12. -- Note: My last name is not Krejzi. -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
