Skip to content

libraw: add patch for CVE-2023-1729#248729

Merged
vcunat merged 2 commits intoNixOS:stagingfrom
risicle:ris-libraw-CVE-2023-1729
Aug 20, 2023
Merged

libraw: add patch for CVE-2023-1729#248729
vcunat merged 2 commits intoNixOS:stagingfrom
risicle:ris-libraw-CVE-2023-1729

Conversation

@risicle
Copy link
Copy Markdown
Contributor

@risicle risicle commented Aug 12, 2023
edited
Loading

Description of changes

https://nvd.nist.gov/vuln/detail/CVE-2023-1729

(testing was done against master, also tested pkgsStatic and pkgsCross.aarch64-multiplatform variants)

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 23.11 Release Notes (or backporting 23.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

@risicle risicle added 1.severity: security Issues which raise a security issue, or PRs that fix one backport release-23.05 labels Aug 12, 2023
@ofborg ofborg bot added 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 501-1000 This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 501-1000 This PR causes many rebuilds on Linux and should normally target the staging branches. labels Aug 12, 2023
@risicle risicle force-pushed the ris-libraw-CVE-2023-1729 branch from f411b58 to 39070fd Compare August 12, 2023 15:37
@risicle risicle changed the base branch from master to staging August 12, 2023 15:38
@risicle risicle marked this pull request as ready for review August 12, 2023 15:38
@vcunat vcunat merged commit 6c2c30d into NixOS:staging Aug 20, 2023
@github-actions github-actions bot mentioned this pull request Aug 20, 2023
Closed
1 task
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Aug 20, 2023

Successfully created backport PR for release-23.05:

@github-actions github-actions bot mentioned this pull request Aug 20, 2023
Merged
1 task
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Aug 20, 2023

Successfully created backport PR for staging-23.05:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 10.rebuild-darwin: 501-1000 This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-linux: 501-1000 This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@risicle @vcunat