Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

libvirt_5_9_0: mark as insecure #111322

Merged
merged 1 commit into from Feb 7, 2021
Merged

libvirt_5_9_0: mark as insecure #111322

merged 1 commit into from Feb 7, 2021

Conversation

dotlambda
Copy link
Member

Motivation for this change

closes #90862

Actually, we might prefer to remove libvirt_5_9_0 and python2Packages.libvirt entirely.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@dotlambda dotlambda added 1.severity: security 9.needs: port to stable A PR needs a backport to the stable release. labels Jan 30, 2021
@dotlambda
Copy link
Member Author

This affects nixops because it is still using Python 2.
cc @NixOS/nixops-committers

@SuperSandro2000
Copy link
Member

This affects nixops because it is still using Python 2.

It should already be unbuiltable in nixpkgs because cryptography is marked as insecure.

@dotlambda
Copy link
Member Author

It should already be unbuiltable in nixpkgs because cryptography is marked as insecure.

python2.pkgs.cryptography builds just fine since cbe4b09

@dotlambda dotlambda mentioned this pull request Feb 2, 2021
Open
16 tasks
@dotlambda dotlambda merged commit 4a11da4 into NixOS:master Feb 7, 2021
@dotlambda dotlambda deleted the libvirt_5_9_0-insecure branch February 7, 2021 09:38
dotlambda added a commit that referenced this pull request Feb 7, 2021
@dotlambda
libvirt_5_9_0: mark as insecure (#111322)
223fab2 
(cherry picked from commit 4a11da4)
@dotlambda dotlambda added 8.has: port to stable A PR already has a backport to the stable release. and removed 9.needs: port to stable A PR needs a backport to the stable release. labels Feb 7, 2021
@yorickvP yorickvP mentioned this pull request Oct 5, 2022
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SuperSandro2000 SuperSandro2000 Awaiting requested review from SuperSandro2000

@fpletz fpletz Awaiting requested review from fpletz

@globin globin Awaiting requested review from globin

Assignees
No one assigned
Labels
1.severity: security 8.has: port to stable A PR already has a backport to the stable release. 10.rebuild-darwin: 0 10.rebuild-linux: 0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Vulnerability roundup 85: libvirt-5.9.0: 5 advisories [8.1]
2 participants
@dotlambda @SuperSandro2000