Conversation
|
A single coreutils test started failing :-/
It seems no use to rush merging this. |
Security: the NEWS claims a couple more CVEs are fixed than what we patched, though perhaps nothing critical. I personally don't find DNS fragmentation attacks that interesting anymore, as it's just about weaker improvements for cases that choose not to use DNSSEC. Largest expected caveat: upstream bumped the minimal supportable kernel to 3.2.0. That's the oldest kernel still supported upstream, released in Jan 2012, but most notably RHEL 6 and derivates still use a heavily patched 2.6.32 kernel and those systems are still supported and in use (production support is scheduled to last till the end of 2020!).
|
Now there are some CVE fixes in this PR. I won't keep it waiting long, just let 17.09 rebuild first with glibc patches. |
|
Hmm, this will cause relatively lots of build-time breakages. I will try to patch some, mainly older versions of gcc and llvm, and anything blocking "important" packages, but I can't manage everything. |
|
Technical answer: still no, https://bitbucket.org/purelang/pure-lang/issues/36/port-pure-to-the-mcjit-in-order-to-support |
|
@vcunat, yeah dependency on old LLVM is unfortunately an ongoing problem for Pure. My guess is that this will not be fixed any time soon. |
|
OK. It's similar for |
|
I will probably fix llvm-3.5 within a week, but certainly feel free to beat me. |
|
Support for RHEL 6 and friends: #32954 |
Largest expected caveat: upstream bumped the minimal supportable kernel to 3.2.0. That's the oldest kernel still supported upstream, released in Jan 2012, but most notably RHEL 6 and derivates still use a heavily patched 2.6.32 kernel and those systems are still supported and in use (production support is scheduled to last till the end of 2020!).
Therefore, I suggest to postpone this after branching 17.09, at least; it won't be nice even after that, but I fail to see a better option ATM.