-
-
Notifications
You must be signed in to change notification settings - Fork 15.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
graphite2: 1.3.6 -> 1.3.13 #74155
graphite2: 1.3.6 -> 1.3.13 #74155
Conversation
@GrahamcOfBorg build |
should go to staging due to the amount of rebuilds |
Fixes various security bugs with CVEs since 2017. Fixes NixOS#73645. Note that for 1.3.6 *ONLY*, the file was called `graphite-*.tgz` and not `graphite2-*.tgz`, that's why the URL changes as well.
34775f0
to
de97cb7
Compare
@GrahamcOfBorg build |
Done; I wasn't quite sure if I should put it on staging given that it's |
Hm, some of these seem to have been remotely abusable in Firefox? |
@7c6f434c Yes that's how I understood it. |
@ckauhaus Do we have any procedure for PRs against staging-merge for high-impact but very high-rebuild fixes? |
staging to bring in large rebuilds, then staging-next is used for stabilization of the affected packages. |
Fixes various security bugs with CVEs since 2017.
Fixes #73645.
Note that for 1.3.6 ONLY, the file was called
graphite-*.tgz
and not
graphite2-*.tgz
, that's why the URL changes as well.Motivation for this change
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nix-review --run "nix-review wip"
./result/bin/
)nix path-info -S
before and after)Notify maintainers
cc @7c6f434c