[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & C
From: |
Simon Tournier |
Subject: |
[bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]. |
Date: |
Fri, 03 Mar 2023 20:14:07 +0100 |
Hi,
CC: core team
On Mon, 20 Feb 2023 at 12:44, Simon Tournier <zimon.toutoune@gmail.com> wrote:
> On ven., 17 févr. 2023 at 18:04, Greg Hogan <code@greghogan.com> wrote:
>> * gnu/packages/version-control.scm (git): Update to 2.39.2.
>
> As noticed previously for an update of Git, this implies a lot of
> rebuilds because git-minimal inherits from git.
Well, I locally rebuilt all and maybe a couple of packages break. The
rebuild is intensive and I do not know if such update should to master
or core-updates and/or use some grafts.
For instance, QA is still saying nothing after 12 days.
https://qa.guix.gnu.org/issue/61583
> Well, I am checking if git-minimal is used only for the tests by some of
> the packages.
I have tried to replace the plain ’git’ or ’git-minimal’ by
’git-minimal/pinned’ for some packages. It does not change much.
> For sure, it is a concern since it is a security fixes.
Hum, we are not very reactive. :-)
Cheers,
simon
- [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946].,
Simon Tournier <=