[blfs-dev] Upcoming BLFS-7.5 release
bruce.dubbs at gmail.com
Wed Mar 5 18:17:50 PST 2014
Ken Moffat wrote:
> On Wed, Mar 05, 2014 at 11:03:15PM +0000, Ken Moffat wrote:
>> Those who are able to read https://lwn.net/Articles/589291/ (might
>> be subscriber-only for the next 2 weeks, I'm not sure) will see from
>> nix's comment that there is already a second "fix" version of gnutls
>> (perhaps the first will be fine for BLFS), and _apparently_ it needs
>> a new version of p11-kit.
>> My gut feeling is that we should get the current book out the door,
>> but continue to recommend that people use the development version of
>> the book.
> For anyone who wasn't aware of this vulnerability (I suspect that
> in this case I'm behind the curve, and you've probably all already
> fixed your own affected systems), 18.104.22.168 builds with the current
> instructions, and links to the book's current version of p11-kit.
> The timings for make check and for rebuilding the docs are, however,
> quite different on my machine. I'll put it in the book when svn is
The book is released. svn is open now.
and then do a chroot gnome build to try to spot anything which
> fails to build.
> What I can't do at the moment is confirm what uses this. I suspect
> that it is dynamically loaded when https:// has to be negotiated.
> Can somebody remind me, please, of the package which identifies
> dynamically loaded libraries ? I think Igor mentioned it a while
> back, and I'm fairly sure that Fernando showed some output from it,
> but I can't find it in my notes. Thanks.
More information about the blfs-dev