[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update)
From: |
Mark H Weaver |
Subject: |
Re: [PATCH] gnu: libgcrypt: Update to 1.6.5. (security update) |
Date: |
Wed, 10 Feb 2016 15:46:03 -0500 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.0.90 (gnu/linux) |
Andreas Enge <address@hidden> writes:
> Hello,
>
> On Tue, Feb 09, 2016 at 03:15:38PM -0500, Mark H Weaver wrote:
>> Alas, this will require at least 7000 rebuilds. After the current
>> 'security-updates' branch is merged, this should go on the next
>> 'security-updates' branch, together with more fixes for graphite2 and
>> libsndfile.
>
> it looks like we are almost there. Do you think we could squeeze in an
> evaluation and build of wip-pulseaudio after updating master and rebasing
> the wip branch on master?
I'm reluctant to delay a critical security update like this, which
apparently allows a compromised web site to perform remote code
execution in our graphical web browsers. I, for one, am running
text-only for now, and am impatient to return back to the modern era.
What's the nature of the pulseaudio update? Why is it important?
What do other people think?
Mark