Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

staging-next 2022-04-10 #168140

Merged
merged 48 commits into from
Apr 12, 2022
Merged

staging-next 2022-04-10 #168140

merged 48 commits into from
Apr 12, 2022

Conversation

vcunat
Copy link
Member

@vcunat vcunat commented Apr 10, 2022

I made this iteration a bit special, focused on security fixes and important bugfixes. And perhaps some other changes that have very low breaking potential. The purpose is to try making this iteration very fast, without requiring human work to progress, so that we don't block some notable problems:

workflow docs: https://nixos.org/manual/nixpkgs/unstable/#submitting-changes-commit-policy
constitutents: https://hydra.nixos.org/job/nixpkgs/staging-next/unstable#tabs-constituents
jobset: https://hydra.nixos.org/jobset/nixpkgs/staging-next

Previous staging-next: #165406

trofi and others added 30 commits March 23, 2022 08:46
@trofi
audit: fix build for linux-headers-5.17
8cdcda6 
Without the change build fails as:

    audit_wrap.c:5010:15: error: invalid use of flexible array member
     5010 |     arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size));
          |               ^
@andersk
mesa: Fix cross-compilation
3ddd947 
Signed-off-by: Anders Kaseorg <[email protected]>
@vcunat
powerdns: fix 32-bit builds against glibc
f588040
@vcunat @symphorien
powerdns: fix typo
6b7bd8d 
Co-authored-by: Guillaume Girol <[email protected]>
@symphorien
Merge pull request #166534 from vcunat/p/powerdns-32bit
45a5514 
powerdns: fix 32-bit builds against glibc
@github-actions
Merge master into staging-next
e321dce
@github-actions
Merge master into staging-next
37c4217
@github-actions
Merge master into staging-next
d9940cd
@github-actions
Merge master into staging-next
4a11aaf
@github-actions
Merge master into staging-next
1cc7d1f
@github-actions
Merge master into staging-next
0b5802f
@github-actions
Merge master into staging-next
d9f9d57
@github-actions
Merge master into staging-next
48bcc60
@mweinelt
gzip: 1.11 -> 1.12
c4d4de8 
https://savannah.gnu.org/forum/forum.php?forum_id=10157
https://git.savannah.gnu.org/cgit/gzip.git/commit/?id=dc9740df61e575e8c3148b7bd3c147a81ea00c7c

Fixes: CVE-2022-1271
@github-actions
Merge master into staging-next
290f13d
@Mindavi @thefloweringash
zlib: fix cross-compilation not producing shared libraries
e3d9b21 
Apply patch that already has been applied upstream:
- madler/zlib#607
- madler/zlib@05796d3

(cherry picked from commit f091c0e)
@github-actions
Merge master into staging-next
7315942
@github-actions
Merge master into staging-next
65cadc3
@github-actions
Merge master into staging-next
c8ebb5d
@github-actions
Merge master into staging-next
48a1a9d
@github-actions
Merge master into staging-next
59e0c1b
@github-actions
Merge master into staging-next
40b03d1
@PaulGrandperrin
Patch curl certificate CN verification
0fad2b3 
From curl/curl@911714d
Fixes #167971
@github-actions
Merge master into staging-next
f78cc67
@github-actions
Merge master into staging-next
a11494d
@github-actions
Merge master into staging-next
1ebc194
@vcunat
Merge #167784: gzip: 1.11 -> 1.12 (into staging-next)
f93fdb8
@risicle @vcunat
libtiff: add patches for multiple CVEs
15d1734 
CVE-2022-0891
CVE-2022-0865
CVE-2022-0924
CVE-2022-0907
CVE-2022-0909
CVE-2022-0908

(cherry picked from commit 748dfdd from PR #165872)
@stigtsp @vcunat
perl: use pkgs.zlib instead of bundled zlib
836d406 
(cherry picked from commit d1adf50 from PR #167084)
@SuperSandro2000 @vcunat
python39Packages.twisted: don't overwrite patchPhase, ...
25b43e1 
...fix path to tests, update homepage away from their tract

(cherry picked from commit a8b0e20 from PR #165414)
@vcunat
Copy link
Member Author

vcunat commented Apr 10, 2022

I somehow chose the changes by hand, selecting all corresponding PRs with "security" label and then passing through all the merges in master..staging and picking some more. You can suggest changes to that as well, though we surely don't want to slow this iteration down too much.

The powerdns commit got left in staging-next by accident; it was intended for the previous iteration but got merged too late. It could come directly to master now, but... now I didn't have sufficient motivation to act on it.

@K900
Copy link
Contributor

K900 commented Apr 10, 2022

#166335 should probably go in

github-actions bot and others added 3 commits April 10, 2022 18:01
@github-actions
Merge master into staging-next
7feda9b
@vcunat
Merge branch 'master' into staging-next
61e78f9
@vcunat
Revert "python39Packages.pycurl: disable failing tests"
f44598b 
This partially reverts commit 7f8c513 from PR #168154,
and it's also the same as commit 32f4270.
The tests worked after curl fix (commit 0fad2b3 from PR #167993).
@vcunat
Copy link
Member Author

vcunat commented Apr 10, 2022

TL;DR: so that pycurl problem should be resolved now, both on master and also in a better way here on staging-next.

@fabianhjr
Copy link
Member

fabianhjr commented Apr 10, 2022
edited
Loading

made this iteration a bit special, focused on security fixes and important bugfixes.

You can suggest changes to that as well, though we surely don't want to slow this iteration down too much.

Hi @vcunat, just to clarify. The idea is to merge this before the scheduled breaking changes freeze of staging/staging-next on April 17 and then open a new staging-next cycle with the pending staging commits from this cycle?

@vcunat
Copy link
Member Author

vcunat commented Apr 10, 2022

April 17 is the first time restrictions apply for changes merging to staging(-next) branch. Commits that are there now certainly will reach 22.05. (Well of course, it can happen that some of them will be found out to cause too much trouble and reverted, as usual.)

The release schedule itself even plans for two week-long staging(-next) iterations, though historically we typically struggled to make them that fast, so that part might happen a bit differently than planned.

@vcunat vcunat merged commit e111881 into master Apr 12, 2022
@mweinelt mweinelt mentioned this pull request Apr 15, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stigtsp stigtsp Awaiting requested review from stigtsp

@zakame zakame Awaiting requested review from zakame

@FRidh FRidh Awaiting requested review from FRidh

@jonringer jonringer Awaiting requested review from jonringer

Assignees
No one assigned
Labels
6.topic: python 10.rebuild-darwin: 501+ 10.rebuild-darwin: 5001+ 10.rebuild-darwin-stdenv This PR causes stdenv to rebuild 10.rebuild-linux: 501+ 10.rebuild-linux: 5001+ 10.rebuild-linux-stdenv This PR causes stdenv to rebuild
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.