libssh vulnerability

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

libssh vulnerability

From:	Leo Famulari
Subject:	libssh vulnerability
Date:	Sun, 21 Oct 2018 15:19:19 -0400
User-agent:	Mutt/1.10.1 (2018-07-13)

On Sat, Oct 20, 2018 at 01:17:48PM -0700, Chris Marusich wrote:
> Will this change trigger many rebuilds?  It has many dependents:
> 
> --8<---------------cut here---------------start------------->8---
> $ guix refresh -l libssh2
> Building the following 1321 packages would ensure 3307 dependent
> packages are rebuilt: [...]
> --8<---------------cut here---------------end--------------->8---

It's true that libssh2 has too many dependents to update without a
graft. However, libssh, which is what was changed, only has a handful of
dependents, which is convenient for us :)

------
$ guix refresh -l libssh
Building the following 9 packages would ensure 12 dependent packages are 
rebuilt: address@hidden address@hidden address@hidden address@hidden 
address@hidden address@hidden address@hidden address@hidden address@hidden
------

It's confusing, but libssh and libssh2 are totally separate projects.
And for the record, they are also not related to OpenSSH, which is the
one we all know and use directly.

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

openssh vulnerability, Christopher Lemmer Webber, 2018/10/16
- Re: openssh vulnerability, Mike Gerwitz, 2018/10/17
  - Re: openssh vulnerability, Leo Famulari, 2018/10/17
    - Re: openssh vulnerability, Christopher Lemmer Webber, 2018/10/17
    - Re: openssh vulnerability, Chris Marusich, 2018/10/20
    - libssh vulnerability, Leo Famulari <=
    - Re: libssh vulnerability, Chris Marusich, 2018/10/21

Prev by Date: Re: Packaging Inferno
Next by Date: Re: libssh vulnerability
Previous by thread: Re: openssh vulnerability
Next by thread: Re: libssh vulnerability
Index(es):
- Date
- Thread