Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[19.03] unbound: 1.9.0 -> 1.9.4 #70375

Closed
wants to merge 4 commits into from
Closed

[19.03] unbound: 1.9.0 -> 1.9.4 #70375

wants to merge 4 commits into from

Conversation

andir
Copy link
Member

@andir andir commented Oct 4, 2019

Motivation for this change

https://nlnetlabs.nl/downloads/unbound/CVE-2019-16866.txt

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nix-review --run "nix-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.
Notify maintainers

cc @

r-ryantm and others added 4 commits October 4, 2019 11:53
@r-ryantm @andir
unbound: 1.9.0 -> 1.9.1
18956bf 
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/unbound/versions

(cherry picked from commit 2db96ff)
@r-ryantm @andir
unbound: 1.9.1 -> 1.9.2
ac5de69 
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/unbound/versions

(cherry picked from commit f7eee05)
@leenaars @andir
unbound: 1.9.2 -> 1.9.3
b0dbbc6 
(cherry picked from commit ff824de)
@andir
unbound: 1.9.3 -> 1.9.4 (CVE-2019-16866)
f973bf8 
https://nlnetlabs.nl/downloads/unbound/CVE-2019-16866.txt
(cherry picked from commit b6a315c)
@vcunat
Copy link
Member

vcunat commented Oct 7, 2019
edited

The CVE was patched in bcc3c11, but feel free to do the bumps anyway, if you think that's better. (But the patch would have to be removed.)

@vcunat vcunat changed the title [19.03] unbound: 1.9.3 -> 1.9.4 (CVE-2019-16866) [19.03] unbound: 1.9.0 -> 1.9.4 (CVE-2019-16866) Oct 7, 2019
@vcunat vcunat changed the title [19.03] unbound: 1.9.0 -> 1.9.4 (CVE-2019-16866) [19.03] unbound: 1.9.0 -> 1.9.4 Oct 7, 2019
@risicle
Copy link
Contributor

risicle commented Oct 13, 2019

I'd advocate leaving the patch in place, avoiding an unexpected version bump in the stable branch.

@veprbl
Copy link
Member

veprbl commented Oct 25, 2019

The 19.09 is out. Is this still relevant?

@vcunat
Copy link
Member

vcunat commented Oct 26, 2019

Well, reopen if you still want to pursue this. It would need additional commit anyway to not apply the separate patch.

@vcunat vcunat closed this Oct 26, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@andir @vcunat @risicle @veprbl @r-ryantm @leenaars