On 2025-04-12, Vagrant Cascadian wrote:
> On 2025-04-12, Johannes Schauer Marin Rodrigues wrote:
>> Luckily, running flash-kernel manually fixed the issue. But had I not noticed
>> that /boot/boot.scr still contained a version of a kernel that I had just
>> removed, my s
| ^~~~
> ./nix/libstore/store-api.hh:9:1: note: ‘uint64_t’ is defined in header
> ‘’; this is probably fixable by adding ‘#include ’
> 8 | #include
> +++ |+#include
> 9 |
Reported upstream.
live well,
vagrant
signature.asc
Description: PGP signature
ome unbootable.
Presuming this isn't some bizarre fluke, then this bug is likely present
in most versions of flash-kernel, as that code has not been touched for
at least a 2-5 years...
I vaguely recall a bug or merge request coming from Ubuntu that might be
related...
live well,
vagrant
signature.asc
Description: PGP signature
On 2025-03-27, Vagrant Cascadian wrote:
> On 2025-03-27, Arnaud Ferraris wrote:
>> Le 26/03/2025 à 19:36, Adrian Bunk a écrit :
>>> On Tue, Mar 11, 2025 at 03:27:04PM -0700, Vagrant Cascadian wrote:
>>>
>>> This bug needs some fixing soon (in the worst case
hat it is not fresh in my
mind...
> From be277736b9fc85a7df1d76318e931ae289bc3034 Mon Sep 17 00:00:00 2001
> From: Vagrant Cascadian
> Date: Sun, 21 May 2023 14:00:30 -0700
> Subject: [PATCH 2/2] Makefile: Generate pygopherd.txt with utf8.
>
> ---
> Makefile | 2 +-
> 1 file changed, 1 insertion(+),
ct the kernel you reported is from Mobian, and they have
historically had a patched u-boot-menu as well)
live well,
vagrant
signature.asc
Description: PGP signature
On 2025-03-27, Arnaud Ferraris wrote:
> Le 26/03/2025 à 19:36, Adrian Bunk a écrit :
>> On Tue, Mar 11, 2025 at 03:27:04PM -0700, Vagrant Cascadian wrote:
>>
>> This bug needs some fixing soon (in the worst case a partial revert to
>> the bookworm code), or the pa
gineer, dissemble, or attempt to derive any source
code from the Software;
(b) remove or obscure any copyright, patent, or trademark statement or notices
contained in the Software.
Those exclusions might make it hard for folks to come up with free
implementations, though. :(
live well,
vagrant
signature.asc
Description: PGP signature
On 2025-03-11, Vagrant Cascadian wrote:
> On 2025-03-03, Vagrant Cascadian wrote:
>> Looping Arnaud into the conversation, as I suspect the patches submitted
>> were touching this code quite a bit:
>>
>> 51d120d549e5b21a19ce659c7bef578c86ed9636 Allow to automatically syn
Control: Severity 1091979 serious
Control: tags 1091979 confirmed
On 2025-03-03, Vagrant Cascadian wrote:
> Looping Arnaud into the conversation, as I suspect the patches submitted
> were touching this code quite a bit:
>
> 51d120d549e5b21a19ce659c7bef578c86ed9636 Allow to automatical
...
Anyways...
On 2025-03-05, Vagrant Cascadian wrote:
> 在 2025/3/5 04:27, Robert Schwebel 写道:
>> first of all, thanks for all of your work on build-simple-cdd, I use it
>> for some years now to build fully automated boot images for my home- and
>> club machines so far, and i
Hi,
在 2025/3/5 04:27, Robert Schwebel 写道:
> Hi Vagrant,
>
> first of all, thanks for all of your work on build-simple-cdd, I use it
> for some years now to build fully automated boot images for my home- and
> club machines so far, and it really made my life much easier!
>
>
: make /boot partition
check a function
Of course I am the one who uploaded them, but antoehr pair of eyes
obviously will not hurt! :)
live well,
vagrant
On 2025-03-03, Johannes Schauer Marin Rodrigues wrote:
> Quoting Johannes Schauer Marin Rodrigues (2025-01-02 23:53:53)
>> The l
With the two additional patches applied and the original patch submitted
by Chris, I think pympress should build reproducibly!
live well,
vagrant
From 9d0ea933d092b674903ce1b9c2e95e35753b7274 Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian
Date: Fri, 24 Jan 2025 14:43:00 -0800
Subject: [PATCH 1
ependency in guix, although it does include systemd
in Recommends. I do not think any of the Depends indirectly pull in
systemd, but I could be wrong.
You could try:
apt install --no-recommends guix
You may have to manually select some of the recommended packages or
alternatives to enable al
On 2025-01-11, Vagrant Cascadian wrote:
> On 2025-01-11, Vagrant Cascadian wrote:
>> On 2023-04-06, John Scott wrote:
>>> It seems bugs #998728, 1008573, and #1032907 are all the same. Perhaps
>>> the maintainers would like to merge them.
>>>
>>> Than
On 2023-04-06, John Scott wrote:
> It seems bugs #998728, 1008573, and #1032907 are all the same. Perhaps
> the maintainers would like to merge them.
>
> Thanks for your workaround, Vagrant; I found that adding
> KexAlgorithms -sntrup761x25519-sha...@openssh.com
> to my ~/
On 2025-01-11, Vagrant Cascadian wrote:
> On 2023-04-06, John Scott wrote:
>> It seems bugs #998728, 1008573, and #1032907 are all the same. Perhaps
>> the maintainers would like to merge them.
>>
>> Thanks for your workaround, Vagrant; I found that adding
>>
is worked around in arm-trusted-firmware 2.10.10+dfsg-1 (unstable)
and 2.12.0+dfsg-1 (experimental) ... by not treating warnings as errors:
https://salsa.debian.org/debian/arm-trusted-firmware/-/commit/032efcd8e7f774db1863b9478e4e6fd6a69de251
This should be fixed properly eventually...
live well,
vagrant
signature.asc
Description: PGP signature
On 2025-01-05, Matthias Klose wrote:
> On 05.01.25 07:03, Vagrant Cascadian wrote:
>> Not sure if this is a bug or intentional change in binutils...
>
> please recheck with the most recent version in unstable.
I have done many builds over the course of the last few day
On 2025-01-04, Vagrant Cascadian wrote:
> On 2024-12-22, Lucas Nussbaum wrote:
>>> lib/libc/aarch64/setjmp.S: Assembler messages:
>>> lib/libc/aarch64/setjmp.S:46: Warning: entity size for SHF_MERGE /
>>> SHF_STRINGS not specified
>>> /tmp/ccsOcV8D.s: Error:
build with an older binutils...
live well,
vagrant
signature.asc
Description: PGP signature
; if ($pid_filter == 0) {
>
> Essentially, we do not pass a path to zstd anymore but we let sbuild open the
> path and then pass the filedescriptor to what we opened to zstd via its
> standard input.
Patch works for me, thanks!
live well,
vagrant
signature.asc
Description: PGP signature
lchain-team/device-tree-compiler/-/commit/44471c44603d97dbba2d0b2590d49117a8bf3d62
https://salsa.debian.org/crosstoolchain-team/device-tree-compiler/-/commit/59ba5ff604e684e40ead89eca5edfdc7fcb9a7ba
https://salsa.debian.org/crosstoolchain-team/device-tree-compiler/-/commit/bf4a2e43e9f5705fe9f0879d364c667ae658285e
live well,
vagrant
signature.asc
Description: PGP signature
does anything if /etc/timezone exists, so
downgrading the severity to important.
live well,
vagrant
shipped binaries in the
.deb! The rcar/renesas platform was not added to debian's
arm-trusted-firmware packages until version 2.9.0+dfsg-1.
Thanks for noting the upstream commits fixing the issue!
live well,
vagrant
signature.asc
Description: PGP signature
On 2024-12-07, Gioele Barabucci wrote:
> On 07/12/24 06:01, Vagrant Cascadian wrote:
>> On 2024-12-07, Gioele Barabucci wrote:
>>> the libraries and executables of many cmake-based packages gain extra
>>> zero bytes in their .dynstr ELF section when rebuilt. (This accoun
is odd.
My hunch is that this might be a side-effect of building in the wrong
build path, as mentioned in:
https://bugs.debian.org/1089087
live well,
vagrant
signature.asc
Description: PGP signature
nstable soon?
live well,
vagrant
signature.asc
Description: PGP signature
"randomness" than "timestamps", marking as such.
live well,
vagrant
signature.asc
Description: PGP signature
distro" boot
vs. the newer "bootstd" which I am less familiar with...
Mixed feelings about leaving the first 16MB unpartitioned vs. specifying
some partition for it that has some special flag set. Creating a
partition and marking it with MBR boot or legacy_bios_boot might trip up
On 2024-10-19, James Addison wrote:
> On Thu, 05 Aug 2021 15:11:02 -0700, Vagrant wrote:
>> Some locales (e.g. potentially obscure locales used by reprotest) may
>> cause sort order issues in embedded strings in some of the grub-*.bin
>> binaries.
>
> I'm not 10
duce the build failure, I would be curious to know!
There are still minor issues with the incompatible bytecode versions,
though as I understand it those are non-fatal, it will just run a bit
slower, due to guile-bytestructures being compiled against a different
version of guile (3.10.x vs. 3.10.x
Control: tags 1081867 pending
On 2024-09-15, Vagrant Cascadian wrote:
> Control: forwarded 1081867
> https://github.com/artyom-poptsov/guile-ssh/issues/42
>
> On 2024-09-15, Santiago Vila wrote:
>> During a rebuild of all packages in unstable, your package failed to build
her distros that package
sbuild without inheriting the packaging from Debian...
Curiously tests.reproducible-builds.org did not catch this, although it
may be checking different locales, or setting locales through alternate
mechanisms...
live well,
vagrant
signature.asc
Description: PGP signature
/../../../libguile-ssh/session-func.c:243:1: warning: control reaches end
> of non-void function [-Wreturn-type]
>243 | }
>| ^
This appears due to the update of libssh to 0.11.x. 0.10.x still built
fine when I checked a couple weeks ago, when I forwarded the issue
upstream.
live well,
vagrant
signature.asc
Description: PGP signature
On 2024-09-10, Heinrich Schuchardt wrote:
> On 9/10/24 22:25, Vagrant Cascadian wrote:
>> Well, I was holding it wrong!
>>
>> I pushed a commit that appears to work:
>>
>>https://salsa.debian.org/opensbi-team/opensbi/-/commit/
>> f3a37b121cb581ac4
least,
so I uploaded a new version of guile-gcrypt to trigger a rebuild.
live well,
vagrant
signature.asc
Description: PGP signature
On 2024-09-10, Vagrant Cascadian wrote:
> On 2024-08-27, Heinrich Schuchardt wrote:
>> As a first step let us add a 32bit OpenSBI to our opensbi package as
>> /usr/lib/riscv32-linux-gnu/opensbi/generic/fw_*. Debian's
>> riscv64-linux-gnu-gcc can build the
default to build/platform even
when passing O= ... or more ugly, cleaning the directory in-between
invocations?
It would be nice to get this settled, though! :)
live well,
vagrant
signature.asc
Description: PGP signature
Control: forwarded 1081025 https://github.com/epoptes/epoptes/issues/193
On 2024-09-06, Vagrant Cascadian wrote:
> Running epoptes on debian trixie results in:
>
> $ epoptes
> Traceback (most recent call last):
> File "/usr/bin/epoptes", line 20, in
>
python3-stdlib-extensions-3124-1-source-into-unstable/
live well,
vagrant
signature.asc
Description: PGP signature
ther case, if either changes a name of one of the relevent files,
there would have to be coordination across packages... I guess it just
depends on which is less likely to change? :)
live well,
vagrant
signature.asc
Description: PGP signature
> ModuleNotFoundError: No module named 'jaraco'
jaraco is not called directly in any of reprotest's code...
This seems to be related to https://bugs.debian.org/1079175 which should
be fixed in the newly uploaded setuptools 73.0.0-1...
live well,
vagrant
signature.asc
Description: PGP signature
On 2024-08-16, Vagrant Cascadian wrote:
> Apparently, diffoscope has issues that both cause it to fail to build,
> but more importantly for jenkins, fails to actually execute in a sid
> environment... leading to all packages that successfully build to be
> marked as unreproducible,
/rb-pkg/unstable/amd64/vtwm.html
... I went and downloaded the vtwm artifacts only to find that they were
bit-for-bit reproducible.
live well,
vagrant
signature.asc
Description: PGP signature
On 2024-06-09, Johannes Schauer Marin Rodrigues wrote:
> On Mon, 17 Jul 2023 16:25:58 -0700 Vagrant Cascadian
> wrote:
>> On 2023-07-18, Simon Josefsson wrote:
>> > Hi. I was trying to build guile-gnutls via guix in a debian12
>> > container, and the sequence below
s used during the
build.
I think "randomness" would be a more appropriate usertag here, and have
adjusted appropriately.
Thanks for working on the fix!
live well,
vagrant
signature.asc
Description: PGP signature
On 2024-08-07, Santiago Vila wrote:
> El 6/8/24 a las 23:52, Vagrant Cascadian escribió:
>> Well, I was able to reproduce a difference running one build with an
>> arm64 kernel one with an armhf kernel, but have not identified exactly
>> what triggers the difference...
>
with LC_ALL=C.UTF-8 locale if it still spits out errors? :)
reprotest's use of faketime tends to trigger issues with patch
systems...
live well,
vagrant
signature.asc
Description: PGP signature
On 2024-08-06, Vagrant Cascadian wrote:
>> My hunch is differing kernel, as some of the armhf builds run with an
>> arm64 kernel and some with a regular armhf kernel... I will try to do
>> some more involved tests to verify if that is the issue.
>
> Well, I was able t
On 2024-08-05, Vagrant Cascadian wrote:
> On 2024-08-05, Chris Lamb wrote:
>> Santiago Vila wrote:
>>
>>>> smartlist looks reproducible now
>>>
>>> Only on amd64, arm64 and i386.
>>
>> Ah, I didn't spot that. Unfortunately, I don&
On 2024-08-05, Chris Lamb wrote:
> Santiago Vila wrote:
>
>>> smartlist looks reproducible now
>>
>> Only on amd64, arm64 and i386.
>
> Ah, I didn't spot that. Unfortunately, I don't have armhf hardware to
> hand, but perhaps Vagrant can help narrow th
On 2024-07-31, Dmitry Baryshkov wrote:
> On Tue, 30 Jul 2024 at 23:07, Vagrant Cascadian wrote:
>>
>> Control: tags 1077625 wontfix
>>
>> On 2024-07-30, Dmitry Baryshkov wrote:
>> > It looks like the defaults present in the simple-cdd packages make
&g
out the line in default.preseed, or
possibly a better idea provide another simple-cdd profile that sets a
different value for this particular question.
live well,
vagrant
signature.asc
Description: PGP signature
an bookworm and bullseye, none of the affected
targets are actually built, although the source code contains the issue.
The targets are built in later versions, starting with 2.9.0+dfsg-1 and
2.10.0+dfsg-1+b1 currently in trixie and sid.
Marking versions appropriately.
live well,
vagrant
s
boot depends on cross-toolchains which were not yet available?
Please re-run the tests when the cross-toolchains become available.
live well,
vagrant
signature.asc
Description: PGP signature
pkgPID.CLOCKSECONDS]
Though I would guess this is not appropriate for typical runtime use.
live well,
vagrant
signature.asc
Description: PGP signature
tests varied build paths.
The patch needs a trivial refresh, but I can confirm that it still fixes
the issue.
I would like to perform an NMU fixing this in the near future, unless
there are outstanding objections.
live well,
vagrant
signature.asc
Description: PGP signature
cibility issues, but significantly
reducing the diff would be really helpful to resolve the remaining
issues.
Given the lack of comment the last four years, I propose to NMU this
soon.
live well,
vagrant
signature.asc
Description: PGP signature
Control: fixed 1072172 19.10-1
On 2024-05-29, Vagrant Cascadian wrote:
> Version: 19.08-1
...
> Marking as done in the version that switched to the new-style LTSP.
Actually, the first version actually uploaded to debian was 19.10-1,
marking appropriately.
live well,
vagrant
signatu
r in any distro.
The current LTSP support is available in Debian as the "ltsp" package,
see:
https://ltsp.org/docs/
live well,
vagrant
signature.asc
Description: PGP signature
it:
https://salsa.debian.org/debian/guile-lzlib/-/commit/206654cca36977e64e97ef12096c3a86a5338835
live well,
vagrant
signature.asc
Description: PGP signature
, running on physical
> server
> machine.
You seem to also be lacking the recent security update for guix
(e.g. 1.4.0-3+deb12u1), please test that version also, just in case
there is some weird hidden versioned dependency conflict (e.g. if
guile-gnutls was built against a different ve
On 2024-05-02, Petter Reinholdtsen wrote:
> [Vagrant Cascadian]
>> Still appears to be an issue, though tests.reproducible-builds.org is no
>> longer testing build path variations. Downgrading the severity
>> accordingly.
>
> Hm, then I do not understand the fix. As far
or possibly by enabling
salsa-ci pipelines, or building twice with sbuild, which currently
randomizes the build path by default.
live well,
vagrant
signature.asc
Description: PGP signature
o real effect on the resulting package.
[ Other info ]
Thanks!
live well,
vagrant
signature.asc
Description: PGP signature
ictions as well: not just --max-container-depth. For
> instance, excluding external commands like readelf and objdump that
> you know to be slow.
Ah, yes, knowing the common time sinks would be tremendously helpful!
live well,
vagrant
signature.asc
Description: PGP signature
ing in a qemu virtual machine, although
that is currently broken, so needs to be fixed somehow to remove
/etc/timezone.
live well,
vagrant
signature.asc
Description: PGP signature
On 2024-04-12, Fay Stegerman wrote:
> * Vagrant Cascadian [2024-04-12 19:29]:
>> On 2024-04-12, Holger Levsen wrote:
>> > when installing reprotest 0.7.27:
>> >
>> > SyntaxWarning: invalid escape sequence '\;'
>> > Setting up reprotest (0.
y default, give --min-cpus
to increase this.
WARNING:reprotest.build:IGNORING user_group variation; supply more usergroups
with --variations=user_group.available+=USER1:GROUP1;USER2:GROUP2 or
alternatively, suppress this warning with --variations=-user_group
WARNING:reprotest.build:Not using sudo for domain_host; your build may fail.
See man page for other options.
WARNING:reprotest.build:Be sure to `echo 1 >
/proc/sys/kernel/unprivileged_userns_clone` if on a Debian system.
--- /tmp/tmp4vqq6736/control
+++ /tmp/tmp4vqq6736/experiment-1
│ --- /tmp/tmp4vqq6736/control/source-root
├── +++ /tmp/tmp4vqq6736/experiment-1/source-root
│ │ --- /tmp/tmp4vqq6736/control/source-root/date
│ ├── +++ /tmp/tmp4vqq6736/experiment-1/source-root/date
│ │ @@ -1 +1 @@
│ │ +L 13 apr 2024 07:27:01 GMT
│ │ -Fri Apr 12 05:27:01 GMT 2024
live well,
vagrant
signature.asc
Description: PGP signature
On 2024-04-12, Martin Michlmayr wrote:
> * Vagrant Cascadian [2024-01-18 20:07]:
>> > So we need a stable update with this change.
>>
>> Thanks everyone!
>>
>> This is a pretty trivial fix, so including in the next bookworm/stable
>> point release sh
On 2024-03-08, Vagrant Cascadian wrote:
> On 2023-04-12, Holger Levsen wrote:
>> i guess reprotest maybe should grow an option to do
>> --control-build /path/to/packages/
>> --vary=build_path=/use/this/build/path ...
>>to make it
re-reprotest
It is definitely quite rough around the edges and there are some caveats
that limit the functionality, but can do some of what you were looking
for.
live well,
vagrant
signature.asc
Description: PGP signature
ducible builds! And just for good measure,
thanks!
live well,
vagrant
signature.asc
Description: PGP signature
Control: fixed 962021 10.0.1-1
On 2022-04-19, Vagrant Cascadian wrote:
> On 2020-07-04, Bernhard M. Wiedemann wrote:
>> https://gitlab.com/graphviz/graphviz/-/merge_requests/1454
>> was easy, because I had the forked repo still around
>
> This was merged upstream:
>
&
1792&raw=0
Yeah, forwarded this upstream in January, but have not yet found a fix.
live well,
vagrant
signature.asc
Description: PGP signature
eam/pipeline/#adding-extra-arguments-to-reprotest
In short, switching to:
SALSA_CI_REPROTEST_ARGS: '--vary=-build_path'
I think this behaves more like people would expect, e.g. disabling build
path variations and not anything else.
live well,
vagrant
signature.asc
Description: PGP signature
!
live well,
vagrant
signature.asc
Description: PGP signature
I packages provide secure boot. Hence I suggest to simply
> drop patch debian/patches/qemu/efi-secure-boot.patch.
Any thoughts on this, Luca, as the provider of the original merge
request:
https://salsa.debian.org/debian/u-boot/-/merge_requests/24
Thanks!
live well,
vagrant
signature.asc
Description: PGP signature
st re-ran the tests again, and they still fail for me:
https://people.debian.org/~vagrant/dh-builtusing-issues/u-boot_2024.01+dfsg-4~0~20240324~0_arm64-2024-03-24T20:22:28Z.build.zst
https://people.debian.org/~vagrant/dh-builtusing-issues/u-boot_2024.01+dfsg-4~0~20240324~0_armhf-2024-03-24T20:21:58Z.build.zst
live well,
vagrant
signature.asc
Description: PGP signature
Control: tags 1051098 - patch
On 2024-03-21, Vagrant Cascadian wrote:
> On 2024-03-21, Nicolas Boulenguez wrote:
>>> Also filed a bug on dh-builtusing about this:
>>>
>>> https://bugs.debian.org/1067242
>>>
>>> I look forward to an improved dh-
ror: parsing package 'u-boot-sunxi' Built-Using
field: [arm64],
armhf.build- [arm64],
live well,
vagrant
signature.asc
Description: PGP signature
Control: severity 1066113 serious
On 2024-03-16, Vagrant Cascadian wrote:
> On 2024-03-15, Salvatore Bonaccorso wrote:
>> On Fri, Mar 15, 2024 at 11:22:52AM -0700, Vagrant Cascadian wrote:
>>> On 2024-03-13, Vagrant Cascadian wrote:
>>> > On 2024-03-12, Vagrant Casc
Control: fixed 1064748 1.4.0-6
Marking this as fixed in 1.4.0-6, although strictly speaking, this is
only worked around by disabling the tests, so the bug should remain
open.
live well,
vagrant
signature.asc
Description: PGP signature
For u-boot, no patch is necessary. Just revert the reversal :-)
Re-added the patch tag, although strictly speaking it should now have a
versioned dependency... :)
Will probably wait till u-boot migrates to testing to re-apply the
patch... but will do so eventually.
live well,
vagrant
signature.asc
Description: PGP signature
Control: reopen 1051098
Control: tags 1051098 -patch
On 2024-03-19, Vagrant Cascadian wrote:
> On 2024-02-29, Nicolas Boulenguez wrote:
>> diff --git a/debian/control b/debian/control
>> index 7a6bbc31cc..c6aec92cf6 100644
>> --- a/debian/control
>> +++ b/debian/
Leaving out the architecture qualifiers worked before switching to
dh-builtusing, though it did issue warnings in the build log about empty
variables.
Thanks for dh-builtusing, despite this hopefully small bump along the
road!
live well,
vagrant
signature.asc
Description: PGP signature
ltusing manpage, looks like it *should*
work ... so an inconsistency between documentation and implementation.
live well,
vagrant
es this work with current versions of u-boot in Debian, e.g. u-boot
2023.01+dfsg-2 from debian bookworm/stable or 2024.01+dfsg-1 from debian
trixie/testing?
live well,
vagrant
signature.asc
Description: PGP signature
0 +0100
> --- b/debian/patches/series 2024-03-18 12:59:16.218124536 +
> @@ -0,0 +1 @@
> +reproducible-build.patch
FWIW, I uploaded an NMU fixing this based on your earlier patch, but it
was reverted when the maintainer attempted to orphan the package without
incorporating the NMU...
https://bugs.debian.org/1005826
https://bugs.debian.org/1065042
live well,
vagrant
signature.asc
Description: PGP signature
but as we can see here, it doesn't write to it anyway.
> (Nor should it, given this is an input file.)
>
> Please turn this into an O_RDONLY.
It would be helpful to list the exact command you are running, although
best to take this upstream.
live well,
vagrant
signature.asc
Description: PGP signature
On 2024-03-15, Salvatore Bonaccorso wrote:
> On Fri, Mar 15, 2024 at 11:22:52AM -0700, Vagrant Cascadian wrote:
>> On 2024-03-13, Vagrant Cascadian wrote:
>> > On 2024-03-12, Vagrant Cascadian wrote:
>> >> On 2024-03-12, Salvatore Bonaccorso wrote:
>> > I h
On 2024-03-13, Vagrant Cascadian wrote:
> On 2024-03-12, Vagrant Cascadian wrote:
>> On 2024-03-12, Salvatore Bonaccorso wrote:
> I have now tested an updated 1.4.x package on bookworm and a 1.2.x
> package on bullseye, and the reproducer (with a small change for 1.2.x)
> was abl
On 2024-03-12, Vagrant Cascadian wrote:
> On 2024-03-12, Salvatore Bonaccorso wrote:
>> The following vulnerability was published for guix.
>>
>> CVE-2024-27297[0]:
>> | Nix is a package manager for Linux and other Unix systems. A fixed-
>> | output derivations o
rg/en/blog/2024/fixed-output-derivation-sandbox-bypass-cve-2024-27297/
I have not yet had a chance to actually verify the fix on locally built
Debian packages, but all three releases do successfully build with the
patches applied.
live well,
vagrant
signature.asc
Description: PGP signature
builds/reprotest/-/commits/wip-specify-build-path?ref_type=heads
:)
live well,
vagrant
signature.asc
Description: PGP signature
-locations with cache
live well,
vagrant
signature.asc
Description: PGP signature
.0 GUILE=/usr/bin/guile-3.0 GUILD=/usr/bin/guild-3.0
returne
d exit code 1
live well,
vagrant
>
> The root cause of the failure lies in the way the ccache directory is
> determined. There are actually several ways this is being done during
> configure - some of which work correct
E_SITE_CCACHE)
> - ])
> + [AC_REQUIRE([GUILE_SITE_DIR])])
Would the guile-lib developers consider merging this? Are there any
use-cases where this is inappropriate?
Thanks!
live well,
vagrant
signature.asc
Description: PGP signature
1 - 100 of 1486 matches
Mail list logo
