On Mon, Feb 29, 2016 at 03:48:15AM -0500, Leo Famulari wrote: > On Sun, Feb 28, 2016 at 02:37:54PM +0100, Ludovic Courtès wrote: > > Leo Famulari <[email protected]> skribis: > > > > > On Sat, Feb 27, 2016 at 06:05:29PM +0100, Ludovic Courtès wrote: > > >> Commit 784d6e91 changed OpenSSL such that it does not depend on Perl, > > >> but one of the subsequent upgrades broke it: > > > > > > Bisecting, I narrowed it down to: > > > 86c8f1daf8ed10f13f2b1e973a28845629b8ce47 > > > (gnu: openssl: Update to 1.0.2e [fixes CVE-2015-{3193,3194,3195}].). > > > > > > I'll get the openssl sources corresponding to the good and bad commmits > > > and try to figure out what changed that pulled perl back in. > > > > Also we should add something like: > > > > #:allowed-references (list (canonical-package glibc) > > (list (canonical-package gcc) "lib") > > "out") > > > > to avoid regressions. > > Okay, good idea.
Normally I wouldn't forward mail from bug-guix to guix-devel. I need help with a patch addressing a bug that I'd like to see fixed alongside tomorrow's OpenSSL update, so I'm trying to increase the exposure. I need help setting up #:allowed-references: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=22831#23
