Skip to content

Update Adoptium Temurin April security update releases#403244

Merged
leona-ya merged 1 commit intoNixOS:stagingfrom
galderz:topic.temurin-security-releases
Jun 27, 2025
Merged

Update Adoptium Temurin April security update releases#403244
leona-ya merged 1 commit intoNixOS:stagingfrom
galderz:topic.temurin-security-releases

Conversation

@galderz
Copy link
Copy Markdown
Contributor

@galderz galderz commented May 1, 2025

Following the release of April's CPU updates for Adoptium Temurin releases, I have updated the metadata.

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 25.05 Release Notes (or backporting 24.11 and 25.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

@github-actions github-actions bot added 6.topic: java Including JDK, tooling, other languages, other VMs 10.rebuild-darwin: 11-100 This PR causes between 11 and 100 packages to rebuild on Darwin. 10.rebuild-linux: 1001-2500 This PR causes many rebuilds on Linux and should target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. labels May 1, 2025
LordGrimmauld
LordGrimmauld requested changes May 1, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@LordGrimmauld LordGrimmauld left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This needs to go against staging.
Also please reword your commit message to confirm to the commit conventions

@galderz
Copy link
Copy Markdown
Contributor Author

galderz commented May 7, 2025

@LordGrimmauld Thanks, I'll get that sorted ASAP

@galderz galderz force-pushed the topic.temurin-security-releases branch from 360e959 to 77dda47 Compare May 8, 2025 16:44
@github-actions github-actions bot added 6.topic: python Python is a high-level, general-purpose programming language. 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 6.topic: GNOME GNOME desktop environment and its underlying platform 6.topic: haskell General-purpose, statically typed, purely functional programming language 6.topic: qt/kde Object-oriented framework for GUI creation 8.has: changelog This PR adds or changes release notes 8.has: module (update) This PR changes an existing module in `nixos/` 6.topic: golang Go is a high-level general purpose programming language that is statically typed and compiled. 6.topic: nodejs Node.js is a free, open-source, cross-platform JavaScript runtime environment 6.topic: lua Lua is a powerful, efficient, lightweight, embeddable scripting language. 6.topic: llvm/clang Issues related to llvmPackages, clangStdenv and related 8.has: documentation This PR adds or changes documentation labels May 8, 2025
@galderz galderz changed the base branch from master to staging May 8, 2025 16:45
@github-actions github-actions bot removed 6.topic: python Python is a high-level, general-purpose programming language. 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 6.topic: GNOME GNOME desktop environment and its underlying platform 6.topic: haskell General-purpose, statically typed, purely functional programming language 6.topic: qt/kde Object-oriented framework for GUI creation 8.has: changelog This PR adds or changes release notes 8.has: module (update) This PR changes an existing module in `nixos/` 6.topic: golang Go is a high-level general purpose programming language that is statically typed and compiled. 6.topic: nodejs Node.js is a free, open-source, cross-platform JavaScript runtime environment labels May 8, 2025
@github-actions github-actions bot removed 6.topic: lua Lua is a powerful, efficient, lightweight, embeddable scripting language. 6.topic: llvm/clang Issues related to llvmPackages, clangStdenv and related labels May 8, 2025
@galderz
Copy link
Copy Markdown
Contributor Author

galderz commented May 8, 2025

@LordGrimmauld I've changed the base to staging and fixed the commit message

@github-actions github-actions bot added 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. and removed 10.rebuild-darwin: 11-100 This PR causes between 11 and 100 packages to rebuild on Darwin. 10.rebuild-linux: 1001-2500 This PR causes many rebuilds on Linux and should target the staging branches. labels May 8, 2025
@galderz
Copy link
Copy Markdown
Contributor Author

galderz commented Jun 27, 2025

July CPU just around the corner...

@leona-ya leona-ya added 1.severity: security Issues which raise a security issue, or PRs that fix one backport staging-25.05 labels Jun 27, 2025
@leona-ya leona-ya merged commit 0cc7c31 into NixOS:staging Jun 27, 2025
40 checks passed
@nixpkgs-ci
Copy link
Copy Markdown
Contributor

nixpkgs-ci bot commented Jun 27, 2025

Successfully created backport PR for staging-25.05:

@nixpkgs-ci nixpkgs-ci bot mentioned this pull request Jun 27, 2025
Merged
1 task
@github-actions github-actions bot added the 8.has: port to stable This PR already has a backport to the stable release. label Jun 27, 2025
@galderz
Copy link
Copy Markdown
Contributor Author

galderz commented Jun 27, 2025

Thanks @leona-ya!

@LordGrimmauld
Copy link
Copy Markdown
Contributor

LordGrimmauld commented Jun 27, 2025

With high-profile security updates like these, it makes sense to add the security tag and also posting them in the "Security Triage" room over on matrix. While this is no guarantee, that helps to not forget about these. I only remembered after you wrote another comment in here and i got a notification.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@LordGrimmauld LordGrimmauld LordGrimmauld requested changes

@leona-ya leona-ya leona-ya approved these changes

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 6.topic: java Including JDK, tooling, other languages, other VMs 8.has: documentation This PR adds or changes documentation 8.has: port to stable This PR already has a backport to the stable release. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@galderz @LordGrimmauld @leona-ya