From 299401754d85405d56fda1f5db4745a2f21fd689 Mon Sep 17 00:00:00 2001 From: "nixpkgs-channel-update-tracker[bot]" <187269596+nixpkgs-channel-update-tracker[bot]@users.noreply.github.com> Date: Tue, 10 Dec 2024 11:22:40 +0000 Subject: [PATCH 1/2] Auto update nixpkgs to ebcc9ab51d9d5495508eb5c520eb188aecd7f799 --- ...112240_nixpkgs-auto-update-fc-24.05-dev.md | 4 + flake.lock | 6 +- release/package-versions.json | 114 +++++++++--------- release/versions.json | 4 +- 4 files changed, 66 insertions(+), 62 deletions(-) create mode 100644 changelog.d/20241210_112240_nixpkgs-auto-update-fc-24.05-dev.md diff --git a/changelog.d/20241210_112240_nixpkgs-auto-update-fc-24.05-dev.md b/changelog.d/20241210_112240_nixpkgs-auto-update-fc-24.05-dev.md new file mode 100644 index 000000000..96207753d --- /dev/null +++ b/changelog.d/20241210_112240_nixpkgs-auto-update-fc-24.05-dev.md @@ -0,0 +1,4 @@ + +### NixOS XX.XX platform + +- Update nixpkgs from e8368806d2c792603b4c47afe0e3709a51d232a2 to ebcc9ab51d9d5495508eb5c520eb188aecd7f799 diff --git a/flake.lock b/flake.lock index 1027e3df3..1be1f0eb0 100644 --- a/flake.lock +++ b/flake.lock @@ -410,11 +410,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1732552704, - "narHash": "sha256-tqRguWLOIq+t4FKRj9i6xm+SgE0AlR+HvrZJYmfkl4o=", + "lastModified": 1733829735, + "narHash": "sha256-CgcsSdkc7NNVFj7nilTBZa1SwbS+zCl0LHYirGzewUo=", "owner": "flyingcircusio", "repo": "nixpkgs", - "rev": "e8368806d2c792603b4c47afe0e3709a51d232a2", + "rev": "ebcc9ab51d9d5495508eb5c520eb188aecd7f799", "type": "github" }, "original": { diff --git a/release/package-versions.json b/release/package-versions.json index 1281f5a55..3548558e0 100644 --- a/release/package-versions.json +++ b/release/package-versions.json @@ -70,14 +70,14 @@ "version": "18.2.4" }, "chromedriver": { - "name": "chromedriver-130.0.6723.116", - "pname": "chromedriver", - "version": "130.0.6723.116" + "name": "chromedriver-unwrapped-131.0.6778.108", + "pname": "chromedriver-unwrapped", + "version": "131.0.6778.108" }, "chromium": { - "name": "chromium-130.0.6723.116", + "name": "chromium-131.0.6778.108", "pname": "chromium", - "version": "130.0.6723.116" + "version": "131.0.6778.108" }, "cifs-utils": { "name": "cifs-utils-7.0", @@ -155,9 +155,9 @@ "version": "2.3.21.1" }, "element-web": { - "name": "element-web-1.11.85", + "name": "element-web-1.11.87", "pname": "element-web", - "version": "1.11.85" + "version": "1.11.87" }, "erlang": { "name": "erlang-25.3.2.12", @@ -190,9 +190,9 @@ "version": "7.17.16" }, "firefox": { - "name": "firefox-132.0.2", + "name": "firefox-133.0", "pname": "firefox", - "version": "132.0.2" + "version": "133.0" }, "gcc": { "name": "gcc-wrapper-13.2.0", @@ -220,9 +220,9 @@ "version": "2.44.2" }, "gitaly": { - "name": "gitaly-17.3.7", + "name": "gitaly-17.5.3", "pname": "gitaly", - "version": "17.3.7" + "version": "17.5.3" }, "github-runner": { "name": "github-runner-2.321.0", @@ -230,24 +230,24 @@ "version": "2.321.0" }, "gitlab": { - "name": "gitlab-17.3.7", + "name": "gitlab-17.5.3", "pname": "gitlab", - "version": "17.3.7" + "version": "17.5.3" }, "gitlab-container-registry": { - "name": "gitlab-container-registry-4.13.0", + "name": "gitlab-container-registry-4.14.0", "pname": "gitlab-container-registry", - "version": "4.13.0" + "version": "4.14.0" }, "gitlab-ee": { - "name": "gitlab-ee-17.3.7", + "name": "gitlab-ee-17.5.3", "pname": "gitlab-ee", - "version": "17.3.7" + "version": "17.5.3" }, "gitlab-pages": { - "name": "gitlab-pages-17.3.7", + "name": "gitlab-pages-17.5.3", "pname": "gitlab-pages", - "version": "17.3.7" + "version": "17.5.3" }, "gitlab-runner": { "name": "gitlab-runner-17.1.0", @@ -255,9 +255,9 @@ "version": "17.1.0" }, "gitlab-workhorse": { - "name": "gitlab-workhorse-17.3.7", + "name": "gitlab-workhorse-17.5.3", "pname": "gitlab-workhorse", - "version": "17.3.7" + "version": "17.5.3" }, "glibc": { "name": "glibc-2.39-52", @@ -290,9 +290,9 @@ "version": "1.22.8" }, "grafana": { - "name": "grafana-10.4.12", + "name": "grafana-10.4.13", "pname": "grafana", - "version": "10.4.12" + "version": "10.4.13" }, "grub2": { "name": "grub-2.12", @@ -305,9 +305,9 @@ "version": "2.9.10" }, "imagemagick": { - "name": "imagemagick-7.1.1-39", + "name": "imagemagick-7.1.1-40", "pname": "imagemagick", - "version": "7.1.1-39" + "version": "7.1.1-40" }, "imagemagick6": { "name": "imagemagick-6.9.13-10", @@ -315,9 +315,9 @@ "version": "6.9.13-10" }, "imagemagick7": { - "name": "imagemagick-7.1.1-39", + "name": "imagemagick-7.1.1-40", "pname": "imagemagick", - "version": "7.1.1-39" + "version": "7.1.1-40" }, "inetutils": { "name": "inetutils-2.5", @@ -460,9 +460,9 @@ "version": "0.2.5" }, "linuxKernelStable": { - "name": "linux-5.15.172", + "name": "linux-5.15.173", "pname": "linux", - "version": "5.15.172" + "version": "5.15.173" }, "linuxKernelVerify": { "name": "linux-6.11", @@ -495,9 +495,9 @@ "version": "3.3.5" }, "mastodon": { - "name": "mastodon-4.2.13", + "name": "mastodon-4.2.14", "pname": "mastodon", - "version": "4.2.13" + "version": "4.2.14" }, "matomo": { "name": "matomo-4.16.1", @@ -510,9 +510,9 @@ "version": "5.1.1" }, "matrix-synapse": { - "name": "matrix-synapse-wrapped-1.119.0", + "name": "matrix-synapse-wrapped-1.120.2", "pname": "matrix-synapse-wrapped", - "version": "1.119.0" + "version": "1.120.2" }, "mcpp": { "name": "mcpp-2.7.2.1", @@ -550,9 +550,9 @@ "version": "10.11.8" }, "mysql80": { - "name": "mysql-8.0.39", + "name": "mysql-8.0.40", "pname": "mysql", - "version": "8.0.39" + "version": "8.0.40" }, "nfs-utils": { "name": "nfs-utils-2.6.2", @@ -605,9 +605,9 @@ "version": "4.36" }, "nss_latest": { - "name": "nss-3.106", + "name": "nss-3.107", "pname": "nss", - "version": "3.106" + "version": "3.107" }, "openjdk": { "name": "openjdk-21.0.3+9", @@ -675,24 +675,24 @@ "version": "10.43" }, "percona": { - "name": "percona-server-8.0.37-29", + "name": "percona-server-8.0.39-30", "pname": "percona-server", - "version": "8.0.37-29" + "version": "8.0.39-30" }, "percona-server": { - "name": "percona-server-8.0.37-29", + "name": "percona-server-8.0.39-30", "pname": "percona-server", - "version": "8.0.37-29" + "version": "8.0.39-30" }, "percona-server_innovation": { - "name": "percona-server-8.4.0-1", + "name": "percona-server-8.4.2-2", "pname": "percona-server", - "version": "8.4.0-1" + "version": "8.4.2-2" }, "percona-server_lts": { - "name": "percona-server-8.0.37-29", + "name": "percona-server-8.0.39-30", "pname": "percona-server", - "version": "8.0.37-29" + "version": "8.0.39-30" }, "percona-xtrabackup_8_0": { "name": "percona-xtrabackup-8.0.35-31", @@ -720,9 +720,9 @@ "version": "5.7.42-45" }, "percona80": { - "name": "percona-server-8.0.37-29", + "name": "percona-server-8.0.39-30", "pname": "percona-server", - "version": "8.0.37-29" + "version": "8.0.39-30" }, "percona83": { "name": "percona-server_innovation-8.3.0-1", @@ -750,19 +750,19 @@ "version": "8.0.30" }, "php81": { - "name": "php-with-extensions-8.1.30", + "name": "php-with-extensions-8.1.31", "pname": "php-with-extensions", - "version": "8.1.30" + "version": "8.1.31" }, "php82": { - "name": "php-with-extensions-8.2.24", + "name": "php-with-extensions-8.2.26", "pname": "php-with-extensions", - "version": "8.2.24" + "version": "8.2.26" }, "php83": { - "name": "php-with-extensions-8.3.13", + "name": "php-with-extensions-8.3.14", "pname": "php-with-extensions", - "version": "8.3.13" + "version": "8.3.14" }, "phpPackages.composer": { "name": "composer-2.7.7", @@ -1017,9 +1017,9 @@ "version": "8.11.2" }, "strace": { - "name": "strace-6.11", + "name": "strace-6.12", "pname": "strace", - "version": "6.11" + "version": "6.12" }, "strongswan": { "name": "strongswan-5.9.14", @@ -1137,9 +1137,9 @@ "version": "1.3.1" }, "zoneminder": { - "name": "zoneminder-1.36.34", + "name": "zoneminder-1.36.35", "pname": "zoneminder", - "version": "1.36.34" + "version": "1.36.35" }, "zsh": { "name": "zsh-5.9", diff --git a/release/versions.json b/release/versions.json index aa1dd882e..a5f7dd522 100644 --- a/release/versions.json +++ b/release/versions.json @@ -8,9 +8,9 @@ "url": "https://gitlab.flyingcircus.io/flyingcircus/nixos-mailserver.git/" }, "nixpkgs": { - "hash": "sha256-tqRguWLOIq+t4FKRj9i6xm+SgE0AlR+HvrZJYmfkl4o=", + "hash": "sha256-CgcsSdkc7NNVFj7nilTBZa1SwbS+zCl0LHYirGzewUo=", "owner": "flyingcircusio", "repo": "nixpkgs", - "rev": "e8368806d2c792603b4c47afe0e3709a51d232a2" + "rev": "ebcc9ab51d9d5495508eb5c520eb188aecd7f799" } } From e57dfb9809149b39f6e7ea405cd5432731d979af Mon Sep 17 00:00:00 2001 From: Oliver Schmidt Date: Tue, 10 Dec 2024 10:30:45 +0100 Subject: [PATCH 2/2] changelog: details on fixed security issues --- .../20241210_112240_nixpkgs-auto-update-fc-24.05-dev.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/changelog.d/20241210_112240_nixpkgs-auto-update-fc-24.05-dev.md b/changelog.d/20241210_112240_nixpkgs-auto-update-fc-24.05-dev.md index 96207753d..c06ab14db 100644 --- a/changelog.d/20241210_112240_nixpkgs-auto-update-fc-24.05-dev.md +++ b/changelog.d/20241210_112240_nixpkgs-auto-update-fc-24.05-dev.md @@ -2,3 +2,10 @@ ### NixOS XX.XX platform - Update nixpkgs from e8368806d2c792603b4c47afe0e3709a51d232a2 to ebcc9ab51d9d5495508eb5c520eb188aecd7f799 + - chrome, chromium: 130.0.6723.116 -> 131.0.6778.108 (CVE-2024-12053, CVE-2024-11395, CVE-2024-11110, CVE-2024-11111, CVE-2024-11112, CVE-2024-11113, CVE-2024-11114, CVE-2024-11115, CVE-2024-11116, CVE-2024-11117) + - firefox: 132.0.2 -> 133.0 (CVE-2024-11691, CVE-2024-11692, CVE-2024-11701, CVE-2024-11694, CVE-2024-11695, CVE-2024-11696, CVE-2024-11697, CVE-2024-11704, CVE-2024-11698, CVE-2024-11705, CVE-2024-11706, CVE-2024-11708, CVE-2024-11699) + - percona80: (CVE-2024-21171, CVE-2024-21177, CVE-2024-21163, CVE-2024-21173, CVE-2024-21179, CVE-2024-21127, CVE-2024-21129, CVE-2024-21125, CVE-2024-21130, CVE-2024-21162, CVE-2024-21165, CVE-2024-21142, CVE-2024-21134) + - php81: 8.1.30 -> 8.1.31 (CVE-2024-8932, CVE-2024-8929, CVE-2024-11236, CVE-2024-11234, CVE-2024-11233, GHSA-4w77-75f9-2c8w) + - php83: 8.3.13 -> 8.3.14 (CVE-2024-8932, CVE-2024-8929, CVE-2024-11236, CVE-2024-11234, CVE-2024-11233, GHSA-4w77-75f9-2c8w) + - rclone: apply patch for CVE-2024-52522 + - zoneminder: 1.36.34 -> 1.36.35 (GHSA-rqxv-447h-g7jx)