Hi McSinyx,
security-relevant bugs ought to go to , see [1].
Since a patch exists for glibc all the way back to 2.30, I suppose a
graft can be used and should be performed timely.
Cheers
[1] https://guix.gnu.org/en/security/
Hello Guix,
Last week, an overflow bug in glibc's iconv(3) was discovered:
https://www.openwall.com/lists/oss-security/2024/04/17/9
It may enable remove code execution through PHP. Due to
the immutable nature of Guix, is it possible to hotpatch
this using graft, or do we need to rebuild to