bug#30414: Libreoffice CVE-2018-6871 [remote read of any local files]

On Sun, Feb 11, 2018 at 02:29:02PM +, Marius Bakke wrote: > I gave this a go, and there were (of course) a lot more changes > necessary to make this newer libreoffice build. In particular, it now > works with an external xmlsec (albeit NSS only), and it wants to build > PDFium(!) in the same

bug#30414: Libreoffice CVE-2018-6871 [remote read of any local files]

Leo Famulari writes: >> From a28e82e1e3d480d5edf374cea062536d4c8d6d82 Mon Sep 17 00:00:00 2001 >> From: Marius Bakke >> Date: Sun, 11 Feb 2018 11:46:27 +0100 >> Subject: [PATCH] gnu: libreoffice: Update to 5.4.5.1 [CVE-2018-6871]. >> >> *

bug#30414: Libreoffice CVE-2018-6871 [remote read of any local files]

On Sun, Feb 11, 2018 at 03:08:59PM +, Marius Bakke wrote: > I've attached a revised patch that adds libltdl, and removes the > automake inputs. However, I have to leave now, so could you please > verify that it works and push? I can provide moral support on #guix if > nothing else :-) Can

bug#30415: Unzip CVE-2018-1000031 and others

On Sat, Feb 10, 2018 at 01:57:28PM -0500, Leo Famulari wrote: > We need to fix CVE-2018-131, CVE-2018-132, CVE-2018-133, > CVE-2018-134, CVE-2018-135 in UnZip: > > http://seclists.org/oss-sec/2018/q1/134 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-131 and etc

bug#30394: ARM compilation via qemu binfmt - Assertion failure

On Sun, Feb 11, 2018 at 12:45:18AM +0100, Chris Marusich wrote: > Danny Milosavljevic writes: > > > This is only fixed in glibc 2.27 (not in core-updates). > > Should we upgrade glibc in core-updates, then? Or is it better to do it > in the next core-updates cycle, to

bug#30401: gitolite some important hooks not working

n...@crash.cx writes: > A paste that lost its formatting but speaks for itself: > > Counting objects: 4, done. > Delta compression using up to 4 threads. > Compressing objects: 100% (3/3), done. > Writing objects: 100% (4/4), 1.03 KiB | 1.03 MiB/s, done. > Total 4 (delta 0), reused 0 (delta 0) >

bug#30401: gitolite some important hooks not working

On Sun, 11 Feb 2018, Ricardo Wurmus wrote: > n...@crash.cx writes: > >> A paste that lost its formatting but speaks for itself: >> >> Counting objects: 4, done. >> Delta compression using up to 4 threads. >> Compressing objects: 100% (3/3), done. >> Writing objects: 100%

bug#30428: guix git-fetch doesn't specify "--depth 1" - git clone clones a lot without any use

git-fetch doesn't allow specifying "--depth 1". That means the repo clones are needlessly large. Since in packages we only need one specific commit anyhow why do we fetch all the other commits?

bug#30365: Offloading sometimes hangs

Hi Ludo, > l...@gnu.org (Ludovic Courtès) skribis: > >> So what we have here is that the Scheme procedure ‘select’ returned >> stdin as “ready for reading”. How did that happen? I believe this is >> due to : ‘scm_i_prepare_to_wait_on_fd’ >> returns 1, so ‘select’