Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

staging-next-23.11 iteration 2 - 2024-01-06 #279139

Merged
merged 267 commits into from
Jan 18, 2024
Merged

staging-next-23.11 iteration 2 - 2024-01-06 #279139

merged 267 commits into from
Jan 18, 2024

Conversation

vcunat
Copy link
Member

@vcunat vcunat commented Jan 6, 2024

github-actions bot and others added 30 commits November 30, 2023 00:14
@github-actions
Merge staging-next-23.11 into staging-23.11
588d020
@wegank
Merge pull request #269645 from NixOS/backport-268587-to-staging-23.11
b15a72e 
[Backport staging-23.11] python3Packages.numpy: fix cross compilation
@wegank
Merge pull request #269647 from NixOS/backport-269326-to-staging-23.11
b269d99 
[Backport staging-23.11] libgit2, http-parser: Fix Windows Build
@Ericson2314 @github-actions
http-parser: Delete unused patch
784d879 
Since 4056c43 a Make not Gyp build
system has been in use.

(cherry picked from commit fa58b67)
@Strum355 @github-actions
http_parser: fix copying outputs for static build
e9ff57a 
Co-Authored-By: John Ericson <[email protected]>
(cherry picked from commit 33f464b)
@stigtsp @github-actions
perl536: 5.36.1 -> 5.36.3
fa71fc8 
(cherry picked from commit a18b35a)
@stigtsp @github-actions
perl538: 5.38.0 -> 5.38.2
565539e 
(cherry picked from commit 8aac6da)
@stigtsp @github-actions
perl.perl-cross: 1.5 -> 84db4c71
eb771a8 
(cherry picked from commit 9625705)
@Ericson2314
Merge pull request #271203 from NixOS/backport-254516-to-staging-23.11
f06ae9e 
[Backport staging-23.11] http-parser: fix copying outputs for static build
@github-actions
Merge release-23.11 into staging-next-23.11
b2f8bcb
@github-actions
Merge staging-next-23.11 into staging-23.11
6bbceb4
@dasJ @github-actions
vim: 9.0.2048 -> 9.0.2116
66ea830 
See also: https://www.openwall.com/lists/oss-security/2023/11/16/1

(cherry picked from commit 796079b)
@vcunat @github-actions
dns-root-data: update B.root-servers.net addresses
9453ca5 
https://gitlab.nic.cz/knot/knot-resolver/-/merge_requests/1478
(cherry picked from commit e30be98)
@mweinelt @github-actions
python311Packages.werkzeug: 2.3.7 -> 2.3.8
4cd2b4e 
https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-8
(cherry picked from commit 82d922a)
@mweinelt
Merge pull request #271547 from NixOS/backport-267109-to-staging-23.11
45fb071 
[Backport staging-23.11] python311Packages.werkzeug: 2.3.7 -> 2.3.8
@github-actions
Merge release-23.11 into staging-next-23.11
c562201
@github-actions
Merge staging-next-23.11 into staging-23.11
fa29ba5
@dasJ @github-actions
netbox: Inherit gunicorn from the package
ff85431 
I was using a 23.11 package on a NixOS 23.05 system and this caused the
python that was used in gunicorn to differ from the python the postgres
lib was linked against.

(cherry picked from commit 018175e)
@r-ryantm @LeSuisse
libde265: 1.0.12 -> 1.0.14
484ab6c 
Fixes CVE-2023-43887 and other security issues.

(cherry picked from commit 87ebba1)
@risicle
python3Packages.gevent: add patch for CVE-2023-41419
31ae5a3 
(cherry picked from commit 07226ee)
@risicle
python3Packages.gevent: add some key reverse-dependencies to passthru…
0f6ba7d 
….tests

(cherry picked from commit 96cb82f)
@reckenrode @github-actions
x264: fix runtime crash due to llvm-strip args
9ce7300 
This is a similar issue to #234868,
but it crashes instead of failing to link. The same fix applies (using
`-S` instead of `-x` with `llvm-strip`).

(cherry picked from commit 0f0b89f)
@risicle
Merge pull request #271642 from LeSuisse/libde265-23.11
650bd81 
[23.11] libde265: 1.0.12 -> 1.0.14
@github-actions
Merge release-23.11 into staging-next-23.11
a9252ab
@github-actions
Merge staging-next-23.11 into staging-23.11
724261b
@jtojnar @github-actions
gtk4: 4.12.3 → 4.12.4
5c56571 
https://gitlab.gnome.org/GNOME/gtk/-/compare/4.12.3...4.12.4
(cherry picked from commit 325920e)
@amaxine
Merge pull request #271859 from NixOS/backport-271684-to-staging-23.11
f67ccbb 
[Backport staging-23.11] gtk4: 4.12.3 → 4.12.4
@github-actions
Merge release-23.11 into staging-next-23.11
2b7a015
@github-actions
Merge staging-next-23.11 into staging-23.11
bd39f39
@github-actions
Merge release-23.11 into staging-next-23.11
dc7ee14
@github-actions github-actions bot added 6.topic: stdenv Standard environment 6.topic: module system About "NixOS" module system internals 6.topic: lib The Nixpkgs function library labels Jan 6, 2024
github-actions bot and others added 15 commits January 7, 2024 00:16
@github-actions
Merge release-23.11 into staging-next-23.11
020ecc5
@github-actions
Merge release-23.11 into staging-next-23.11
6306f16
@github-actions
Merge release-23.11 into staging-next-23.11
147af78
@github-actions
Merge release-23.11 into staging-next-23.11
4bce8f0
@mweinelt @vcunat
curl: apply 8.5.0 security fixes
14e563b 
Fixes: CVE-2023-46218, CVE-2023-46219
@LeSuisse @vcunat
inetutils: 2.4 -> 2.5
b62fdff 
Changes:
```
* Noteworthy changes in release 2.4 (2022-10-25) [stable]

** ifconfig

*** Support specifying prefix netmask lengths in -A.
Patch by Samuel Thibault <[email protected]>.

** Hurd: tell pfinet translator interfaces to configure
Patch by Samuel Thibault <[email protected]>.

** ftp

*** Avoid crash caused by signed integer overflow resulting in
out-of-bounds buffer access.  Reported by AiDai in
<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00003.html>.

*** Avoid crash caused by heap buffer overflow.  Reported by ZFeiXQ in
<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00016.html>.

*** Avoid crash caused by NULL pointer dereference.  Reported by AiDai in
<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00004.html>.

*** Avoid crash caused by infinite macro recursion.  Reported by AiDai in
<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00005.html>.

** telnetd

*** Avoid crash on 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL).  CVE-2022-39028
https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html

** telnet

*** Fix a buffer overflow problem.  CVE-2019-0053
https://cgit.freebsd.org/src/commit/?id=14aab889f4e50072a6b914eb95ebbfa939539dad

** tftp

*** Avoid crashing when given unexpected or invalid commands from tty.
Reported by AiDai in
<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00018.html>.

** Various bugs fixes, internal improvements and clean ups.
Update of gnulib and build fixes for C23.

```

(cherry picked from commit 448dd9f)
@github-actions
Merge release-23.11 into staging-next-23.11
422b2a7
@wegank
Merge branch 'release-23.11' into staging-next-23.11
5cb7ab2
@github-actions
Merge release-23.11 into staging-next-23.11
12c6846
@github-actions
Merge release-23.11 into staging-next-23.11
61543d3
@github-actions
Merge release-23.11 into staging-next-23.11
87b96a1
@github-actions
Merge release-23.11 into staging-next-23.11
60d3fd9
@github-actions
Merge release-23.11 into staging-next-23.11
8c4e0ad
@github-actions
Merge release-23.11 into staging-next-23.11
11a0086
@github-actions
Merge release-23.11 into staging-next-23.11
6f16d3a
@vcunat vcunat mentioned this pull request Jan 18, 2024
Merged
13 tasks
@vcunat vcunat merged commit 8ae7c0e into release-23.11 Jan 18, 2024
14 checks passed
@vcunat vcunat mentioned this pull request Jan 19, 2024
Merged
13 tasks
@vcunat vcunat mentioned this pull request Jan 26, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kalbasit kalbasit Awaiting requested review from kalbasit kalbasit is a code owner

@Mic92 Mic92 Awaiting requested review from Mic92 Mic92 is a code owner

@zowoq zowoq Awaiting requested review from zowoq zowoq is a code owner

@ttuegel ttuegel Awaiting requested review from ttuegel ttuegel is a code owner

@ajs124 ajs124 Awaiting requested review from ajs124 ajs124 is a code owner

@lukegb lukegb Awaiting requested review from lukegb lukegb is a code owner

@mweinelt mweinelt Awaiting requested review from mweinelt mweinelt is a code owner

@stigtsp stigtsp Awaiting requested review from stigtsp stigtsp is a code owner

@zakame zakame Awaiting requested review from zakame zakame is a code owner

@dasJ dasJ Awaiting requested review from dasJ dasJ is a code owner

@Ericson2314 Ericson2314 Awaiting requested review from Ericson2314 Ericson2314 is a code owner

@infinisil infinisil Awaiting requested review from infinisil infinisil is a code owner

Assignees
No one assigned
Labels
1.severity: security Issues which raise a security issue, or PRs that fix one 6.topic: emacs Text editor 6.topic: golang 6.topic: lib The Nixpkgs function library 6.topic: module system About "NixOS" module system internals 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 6.topic: python 6.topic: qt/kde 6.topic: stdenv Standard environment 6.topic: vim 8.has: clean-up 8.has: module (update) This PR changes an existing module in `nixos/` 8.has: package (new) This PR adds a new package 10.rebuild-darwin: 501+ 10.rebuild-darwin: 5001+ 10.rebuild-darwin-stdenv This PR causes stdenv to rebuild 10.rebuild-linux: 501+ 10.rebuild-linux: 5001+ 10.rebuild-linux-stdenv This PR causes stdenv to rebuild
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.