Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

neomutt: 20200925 -> 20201120 #104394

Merged
merged 1 commit into from Nov 20, 2020
Merged

neomutt: 20200925 -> 20201120 #104394

merged 1 commit into from Nov 20, 2020

Conversation

magnetophon
Copy link
Member

@magnetophon magnetophon commented Nov 20, 2020
edited

Motivation for this change
Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@stigtsp
Copy link
Member

stigtsp commented Nov 20, 2020

Fixes CVE-2020-28896

@Ma27
Copy link
Member

Ma27 commented Nov 20, 2020

Seems as the details aren't disclosed yet, but I still think that this should be backported then.

@Ma27 Ma27 added the 9.needs: port to stable A PR needs a backport to the stable release. label Nov 20, 2020
stigtsp
stigtsp approved these changes Nov 20, 2020
View reviewed changes
Copy link
Member

@stigtsp stigtsp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Tested OK on linux x64

Result of nixpkgs-review pr 104394 1

1 package built:
  • neomutt

@Ma27
Copy link
Member

Ma27 commented Nov 20, 2020

Works fine with my neomutt configuration. Will take care of the backport.

@Ma27 Ma27 merged commit 6c9580f into NixOS:master Nov 20, 2020
@magnetophon magnetophon deleted the neomutt branch November 20, 2020 21:30
@stigtsp
Copy link
Member

stigtsp commented Nov 20, 2020

Also related #104399

@Ma27
Copy link
Member

Ma27 commented Nov 20, 2020

20.09: bdab66a

@Ma27
Copy link
Member

Ma27 commented Nov 20, 2020
edited

cc @NixOS/backports @NixOS/security-notifications 20.03 is still alive one week, but this release fixes a CVE (see https://github.com/neomutt/neomutt/releases/tag/20201120) and the relevant patch (neomutt/neomutt@9c36717) doesn't apply on 20.03 neomutt.

Is this irrelevant now as 20.03 is almost dead or do you have a suggestion on how to proceed?

In fact, it does apply if you do it right. Will take care of it now.

@Ma27
Copy link
Member

Ma27 commented Nov 20, 2020

Relevant patch is on 20.03 since c2967ae.

@Ma27 Ma27 added 8.has: port to stable A PR already has a backport to the stable release. and removed 9.needs: port to stable A PR needs a backport to the stable release. labels Nov 20, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stigtsp stigtsp stigtsp approved these changes

@Ma27 Ma27 Ma27 approved these changes

@jfrankenau jfrankenau Awaiting requested review from jfrankenau

@erikryb erikryb Awaiting requested review from erikryb

@vrthra vrthra Awaiting requested review from vrthra

@cstrahan cstrahan Awaiting requested review from cstrahan

Assignees
No one assigned
Labels
1.severity: security 8.has: port to stable A PR already has a backport to the stable release. 10.rebuild-darwin: 1-10 10.rebuild-darwin: 1 10.rebuild-linux: 1-10 10.rebuild-linux: 1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@magnetophon @stigtsp @Ma27