bug#47204: DrRacket fonts issue

Hi Guix, DrRacket, both 7.9 and the fixed [0] 8.0 seem to have a fonts issue resulting in attatched screenshot with boxes where I expect readable characters. I have many fonts installed and recently ran `fc-cache -rvf`. [0] https://issues.guix.gnu.org/47180 I'm running Guix System. Extra

bug#47185: grub2 package is vulnerable to CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233 and CVE-2021-3418

On Tue, Mar 16, 2021 at 07:47:43PM -0400, Mark H Weaver wrote: > I think we should refrain from updating GRUB until there's an official > upstream stable release. Even then, I would advise making an effort to > test it on Guix systems, using several different system configurations, > before

bug#47201: sbcl-cl-webkit doesn't protect webkitgtk from garbage collection

On Tue, Mar 16, 2021 at 11:40:05PM +, pkill9 wrote: > I have nyxt installed, which has sbcl-cl-webkit as an input, which has > webkitgtk as an input, and recently it produced an error which was > fixed by building webkitgtk, so it wasn't in the store. > > sbcl-cl-webkit won't be deleted by

bug#47185: grub2 package is vulnerable to CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233 and CVE-2021-3418

Hi Léo, Léo Le Bouter via Bug reports for GNU Guix writes: > NOTE: SecureBoot on GNU Guix is not something common at all, so the > urgency to fix this issue is not as great as if we explicitly > advertised support for SecureBoot. I would go further and question whether *anyone* is using

bug#47201: sbcl-cl-webkit doesn't protect webkitgtk from garbage collection

I have nyxt installed, which has sbcl-cl-webkit as an input, which has webkitgtk as an input, and recently it produced an error which was fixed by building webkitgtk, so it wasn't in the store. sbcl-cl-webkit won't be deleted by `guix gc`, however webkitgtk will be, so it seems it's not protected

bug#47121: [Mumi] Why does Mumi display my name as "Mark HWeaver"?

Arun Isaac writes: >> @Arun, does this sound familiar to you? > > Thanks for the bug report! It was indeed a regression in guile-email. I > have fixed it, and added a test. See > https://git.systemreboot.net/guile-email/commit/?id=ca0520a33c9042a68691d85c6849f88412ca8357 Thanks to both of you

bug#47176: QEMU 5.2.0 doesn't build reproducibly [regression]

Hello, Maxim Cournoyer writes: > QEMU 5.1.0 builds reproducibly, but 5.2.0 doesn't. > > Here's a summary of the differing files: > > Here's a summary of the differing files: > > $ diff -r /gnu/store/l286mbanw78qgbn54gs5j23qm0v9abhw-qemu-5.2.0{,-check} > Binary files >

bug#47195: xboard: alsa-utils dependency

xboard package needs to be explicitly dependent on alsa-utils, since it uses the `aplay' utility to play sounds. I think this maybe wasn't noticed before because alsa-utils used to be a common part of the desktop environment. christopher@nightshade ~$ guix describe Generation 2Feb 25 2021

bug#47192: issues.guix.org not showing patch series?

OK, I see that (I don't use emacs-debbugs) has your 2/2 patch. That rules out mail delivery outages and I was simply unrelatedly unlucky. :-(

bug#47192: issues.guix.org not showing patch series?

Hello! I just submitted a patch series for an endlessh service! However, issues.guix.gnu.org/39136 does not properly show the patch series. :( Maybe I just submitted the patch series incorrectly. :) You can see the patch series here:

bug#47190: Building git fails because of a hash mismatch

Léo Le Bouter writes: > Yes, this is fixed by 0ee5d4f7a8e25be437297f88ed7013c4f37abafb, simply > "guix pull", there's nothing we can do to the older commits. Thanks for the quick fix, this works fine indeed! Konrad

bug#47190: Building git fails because of a hash mismatch

On Tue, 2021-03-16 at 13:57 +0100, Konrad Hinsen wrote: > With Guix commit (ab9629b7c91ff7d6392a03512cfe44282326), building > git fails because of a hash mismatch when downloading the man pages > (see > log below). > Yes, this is fixed by 0ee5d4f7a8e25be437297f88ed7013c4f37abafb, simply

bug#47188: "guix lint -c cve" does not account for language prefixes (rust-, python-, go-, ..)

Hi, On Tue, 16 Mar 2021 at 10:30, Léo Le Bouter via Bug reports for GNU Guix wrote: > ./pre-inst-env guix lint -c cve python-urllib3@1.26.2 > Here this should return at least CVE-2021-28363 but it does not because > the CVE database contains urllib3 and not python-urllib3 (which AFAICT > the

bug#47190: Building git fails because of a hash mismatch

With Guix commit (ab9629b7c91ff7d6392a03512cfe44282326), building git fails because of a hash mismatch when downloading the man pages (see log below). I'd be happy to submit a patch that updates the hash, but it's perhaps worth figuring out first what went wrong here. Konrad. building

bug#46942: ci.guix.gnu.org is slow from my system

Here's another error! For *this* instance notice the very slow download speed; other downloads got up to 2MiB/s. If my understanding is correct the SJTUG server is effectively a caching proxy, meaning that the low download speed here probably means that the SJTUG server itself is downloading

bug#47189: octave needs to be wrapped with coreutils

I tracked down a bug where octave has a function called 'copyfile' which shells out to call 'cp -r' but in an environment without coreutils, or when in a script with PATH unset, it fails. try it out with the following: touch foo guix environment --pure --ad-hoc octave-cli -- \ octave --eval

bug#47106: Bubblewrap hates Guix containers 

Hi, Am Dienstag, den 16.03.2021, 11:54 +0100 schrieb Bengt Richter: > Hi Leo, > One more favor? ;) > > On +2021-03-14 19:05:24 +0100, Leo Prikler wrote: > > Hi again³ > > > > Am Sonntag, den 14.03.2021, 18:45 +0100 schrieb Bengt Richter: > > > Hi again^2, > > > > > > Maybe > > > pstree -at

bug#47106: Bubblewrap hates Guix containers 

Hi Leo, One more favor? ;) On +2021-03-14 19:05:24 +0100, Leo Prikler wrote: > Hi again³ > > Am Sonntag, den 14.03.2021, 18:45 +0100 schrieb Bengt Richter: > > Hi again^2, > > > > Maybe > > pstree -at > > would show a little more? > sh > |-dbus-daemon --syslog-only --fork --print-pid 5

bug#47188: "guix lint -c cve" does not account for language prefixes (rust-, python-, go-, ..)

./pre-inst-env guix lint -c cve python-urllib3@1.26.2 Here this should return at least CVE-2021-28363 but it does not because the CVE database contains urllib3 and not python-urllib3 (which AFAICT the cve linter searches for). Annotating each and every python-, go-, and rust- package with

bug#47115: Redundant library grafts leads to breakage (was: Failure building grub-img.png when reconfiguring)

retitle 47115 Redundant library grafts leads to breakage thanks Hi, I looked a bit deeper, and now I think I finally know what's going on. It turns out that the grafting process is creating two redundant variants of the replacement guile-cairo. All of the relevant information is in

bug#47123: Quagga source code is gone

Hi, zimoun skribis: > On Sat, 13 Mar 2021 at 15:37, Ludovic Courtès wrote: >> >> The Quagga tarballs and Git repository on Savannah as linked from >> are all 404: > > [...] > >> I can’t find an alternate hosting site. > > We could do the same trick as with other

bug#42174: GNU Icecat showing Github Icons?

Ricardo Wurmus writes: > I see the same on https://ie.wikipedia.org/wiki/Lewis_Carroll (and other > pages of the ie.wikipedia.org site), but not on other sites. > > I have these fonts installed in my profile: > > --8<---cut here---start->8--- > font-wqy-zenhei

bug#47064: [racket-users] bytevector-uncompress: internal error uncompressing

On Mon, 15 Mar 2021, Philip McGrath wrote: Aha! Running: guix environment --ad-hoc --no-grafts racket -- drracket launches DrRacket just fine. My guess is that Racket CS is compressing string literals in compiled code. Currently, Guix patches Racket source files to include the absolute

bug#47185: grub2 package is vulnerable to CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233 and CVE-2021-3418

NOTE: SecureBoot on GNU Guix is not something common at all, so the urgency to fix this issue is not as great as if we explicitly advertised support for SecureBoot. signature.asc Description: This is a digitally signed message part

bug#47186: python2 variants made through (package-with-python2 (strip-python2-variant ...)) don't inherit grafts

As outlined by: - https://git.savannah.gnu.org/cgit/guix.git/commit/?id=a01bfa7deed1d556fc75ab5588517442054bc5a9 - https://git.savannah.gnu.org/cgit/guix.git/commit/?id=db87d6ddafd26c5ad657178cf7fdab524d05c522 Two commits needed to be made to fix the issue both in the python2 and python3

bug#47115: Grafts without deduplication can lead to breakage in Guile (was: Failure building grub-img.png when reconfiguring)

retitle 47115 Grafts without deduplication can lead to breakage in Guile thanks Hi Jack, Jack Hill writes: > I believe that I have identified the problematic difference in my > operating system config between my working and non-working hosts. Thanks very much for your investigation. > I am

bug#47185: grub2 package is vulnerable to CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233 and CVE-2021-3418

On Tue, 2021-03-16 at 09:08 +0100, Léo Le Bouter via Bug reports for GNU Guix wrote: > There is no new upstream release so patching this appears to be some > kind of sport. There seems to be a release candidate available: https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00219.html

bug#47185: grub2 package is vulnerable to CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233 and CVE-2021-3418

As outlined by https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass2021 we have a new wave of GRUB security vulnerabilities around SecureBoot. There is no new upstream release so patching this appears to be some kind of sport. Debian has patched it in this commit: