[Nix-dev] new CUPS expression fixes vulnerability

Nicolas Pierron nicolas.b.pierron at gmail.com
Thu Nov 26 16:18:11 CET 2009


Hi,

On Thu, Nov 26, 2009 at 16:11, Wolfgang Jeltsch
<g9ks157k at acme.softbase.org> wrote:
> I’ve patched cups/default.nix to update to CUPS 1.4.2 (from CUPS 1.4.1). The
> reason was the CVE-2009-2820 vulnerability. The new CUPS seems to have been
> built successfully on my machine. However, the whole update process hasn’t
> been finished yet since obviously, the CUPS change triggered a rebuilt of large
> parts of KDE and Qt.

This is the job of the build-farm to compile these, so wait for your
patch to be on the mainline if you don't want to compile them.  I
think you may want to commit it your self.

> You find the patch attached to this e-mail. By the way, what are the
> preconditions for getting commit rights for the SVN repository?

The current precondition is: Asking on the mailing list and being a
reliable contributor.


-- 
Nicolas Pierron
http://www.linkedin.com/in/nicolasbpierron - http://nbp.name/
Lars Rasmussen (Google IO 2009) - Icland is an icland.



More information about the nix-dev mailing list