[bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & C

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & C

From:	Josselin Poiret
Subject:	[bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946].
Date:	Sat, 04 Mar 2023 11:30:57 +0100

Hi Leo,

Leo Famulari <leo@famulari.name> writes:

> That's not a significant number of packages.
>
> Overall, git and git-minimal will cause more than 300 rebuilds, but not
> too many for the current state of the build farm.
>
> Concretely, why can't we push this to master immediately?

`guix refresh` is not great for core packages: it only detects things
that depend on other packages through inputs. Here though, git is used
indirectly by git-fetch origins, and would affect the dependency graph a
lot more.  I think this should be grafted to avoid too many rebuilds,
and ungrafted on core-updates (maybe now, maybe after the big
core-updates merge).

Best,
-- 
Josselin Poiret

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]., Simon Tournier, 2023/03/03
- [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]., Tobias Geerinckx-Rice, 2023/03/03
- [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]., Maxim Cournoyer, 2023/03/03
  - [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]., Leo Famulari, 2023/03/03
- [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]., Leo Famulari, 2023/03/03
  - [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]., Josselin Poiret <=
    - [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]., Leo Famulari, 2023/03/04
    - [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]., Tobias Geerinckx-Rice, 2023/03/04
    - [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]., Maxim Cournoyer, 2023/03/06
    - [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]., Josselin Poiret, 2023/03/04
    - [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]., Leo Famulari, 2023/03/05
  - [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]., Simon Tournier, 2023/03/04
    - [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]., Leo Famulari, 2023/03/05
    - [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]., Christopher Baines, 2023/03/05
    - [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946]., Simon Tournier, 2023/03/05

Prev by Date: [bug#61935] [PATCH] gnu: sbcl-nsymbols: Update to 0.3.0.
Next by Date: [bug#60564] [PATCH] scripts: refresh: Add -T option.
Previous by thread: [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946].
Next by thread: [bug#61583] [PATCH] gnu: git: Update to 2.39.2 [fixes CVE-2023-22490 & CVE-2023-23946].
Index(es):
- Date
- Thread