Mark H Weaver <[email protected]> writes: > Leo Famulari <[email protected]> writes: > >> On Sat, Oct 06, 2018 at 06:53:36PM +0200, Marius Bakke wrote: >>> From 2891a9acb7704c3397ef34fbb520b46936504422 Mon Sep 17 00:00:00 2001 >>> From: Marius Bakke <[email protected]> >>> Date: Sat, 6 Oct 2018 18:50:47 +0200 >>> Subject: [PATCH] gnu: python2: Add upstream security fixes. >>> >>> This addresses CVE-2018-{1060,1061,14647,1000802}. >>> >>> * gnu/packages/patches/python2-CVE-2018-1000802.patch, >>> gnu/packages/patches/python2-CVE-2018-1060.patch, >>> gnu/packages/patches/python2-CVE-2018-1061.patch, >>> gnu/packages/patches/python2-CVE-2018-14647.patch: New files. >>> * gnu/local.mk (dist_patch_DATA): Register it. >>> * gnu/packages/python.scm (python-2/fixed): New variable. >>> (python-2.7)[replacement]: New field. >>> (python2-minimal): Use PACKAGE/INHERIT. >> >> Thanks! I did some basic tests and things seem to work. > > I added this commit to my private branch a few days ago, along with the > Python-3 CVE-2018-14647 fix (with the added hunk), updated my GuixSD > GNOME 3 system and user profile, and everything seems to be working > well. > > I think they are both ready to push to master.
Hi Mark, Thank you very much for testing. I've pushed these patches now, sorry for the delay!
signature.asc
Description: PGP signature
