[Nix-dev] new CUPS expression fixes vulnerability
Wolfgang Jeltsch
g9ks157k at acme.softbase.org
Thu Nov 26 22:30:12 CET 2009
Am Donnerstag, 26. November 2009 16:18:11 schrieben Sie:
> Hi,
>
> On Thu, Nov 26, 2009 at 16:11, Wolfgang Jeltsch wrote:
> > I’ve patched cups/default.nix to update to CUPS 1.4.2 (from CUPS 1.4.1).
> > The reason was the CVE-2009-2820 vulnerability. The new CUPS seems to
> > have been built successfully on my machine. However, the whole update
> > process hasn’t been finished yet since obviously, the CUPS change
> > triggered a rebuilt of large parts of KDE and Qt.
>
> This is the job of the build-farm to compile these, so wait for your
> patch to be on the mainline if you don't want to compile them. I
> think you may want to commit it your self.
I was told on the IRC channel that I should first try whether my modified CUPS
expression works. Of course, it would have been sufficient to build only CUPS,
not the whole system.
> > You find the patch attached to this e-mail. By the way, what are the
> > preconditions for getting commit rights for the SVN repository?
>
> The current precondition is: Asking on the mailing list and being a
> reliable contributor.
What does reliable mean in this context? That I commit patches regularly? I
cannot promise that I will do. Or that I don’t disturb the repository? I can
at least say that I don’t want to do that and that I should be able to do
sensible commits. I have experience with both Linux and functional progamming
for about 10 years, by the way.
So I kindly ask for commit access to the SVN repository.
Best wishes,
Wolfgang
More information about the nix-dev
mailing list