I just ran the following command on my Thinkpad X200 running GuixSD:
./pre-inst-env guix environment guile --ad-hoc autoconf automake libtool flex
gettext
Using the guix client from a git checkout at v0.13.0-1496-gcfd6a3b1e,
and using guix-daemon from guix-0.13.0-3.b547349.
This command took
There are several packages that fetch their sources over the Git
protocol. That is, 'git://'.
This protocol is unauthenticated, which is not great, although not 100%
terrible since we know the hash of what we are trying to fetch. Also, it
uses port 9418 which is blocked more often than 443 or 80.
Hi Ludo,
On Thu, 20 Jul 2017 22:32:29 +0200
l...@gnu.org (Ludovic Courtès) wrote:
> > So... just leave the entire "search" instruction off if it's created by
> > grub-mkrescue ? That's how one could interpret thir "root device"
> > sentence...
>
> Oooh, interesting, that comes in handy. :-
Heya,
Danny Milosavljevic skribis:
>> With iso9660, it works… by chance, because GRUB’s “search --fs-uuid”
>> fails. Guess why? Because it compares UUIDs as strings, and we format
>> it as a DCE UUID instead of an ISO UUID. Sounds familiar no? :-)
>
> Yeah :)
>
>> So that’s where we are. Th
On Thu, Jul 20, 2017 at 05:54:06PM +0200, Ludovic Courtès wrote:
> Leo Famulari skribis:
>
> > This is a place to discuss the "stack crash" bugs as they apply to our
> > packages.
> >
> > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000366
> > https://www.qualys.com/2017/06/19/stack-c
On Wed, Jul 19, 2017 at 10:40:20PM +0200, Ludovic Courtès wrote:
> Leo Famulari skribis:
> > They recommend we apply for a vendor zone instead [2]. We would not have
> > to run our own NTP servers.
> >
> > Does anyone know if GNU or the FSF have a vendor zone we could use?
> > Otherwise, we should
Hi Ludo,
> With iso9660, it works… by chance, because GRUB’s “search --fs-uuid”
> fails. Guess why? Because it compares UUIDs as strings, and we format
> it as a DCE UUID instead of an ISO UUID. Sounds familiar no? :-)
Yeah :)
> So that’s where we are. Thoughts on how to address it?
https:
Leo Famulari skribis:
> This is a place to discuss the "stack crash" bugs as they apply to our
> packages.
>
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000366
> https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
I think we can close this bug now, can’t we?
Ludo’.
Hello!
Alex Kost skribis:
> Ricardo Wurmus (2017-02-17 23:38 +0100) wrote:
>
> [...]
>>>(let* ((profiles (match (filter-map (match-lambda
>>> -(('profile . p) p)
>>> -(_ #f))
>>> +
