Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gobby5: unstable-2018-04-03 -> unstable-2020-12-29 #111107

Merged
merged 1 commit into from Jan 29, 2021
Merged

gobby5: unstable-2018-04-03 -> unstable-2020-12-29 #111107

merged 1 commit into from Jan 29, 2021

Conversation

mweinelt
Copy link
Member

Motivation for this change

The gobby project recently addressed a denial of service vector in their application.

I've kindly asked them to do another release tag: gobby/gobby#188
The issue was reported here: gobby/gobby#183
The issue was fixed here: gobby/gobby#184

Fixes: CVE-2020-35450

@jtojnar Any idea why you named this package gobby5 and not just gobby?

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@mweinelt mweinelt added 1.severity: security 9.needs: port to stable A PR needs a backport to the stable release. labels Jan 29, 2021
@ofborg ofborg bot requested a review from Phreedom January 29, 2021 03:56
@SuperSandro2000 SuperSandro2000 merged commit da1f7da into NixOS:master Jan 29, 2021
@jtojnar
Copy link
Contributor

jtojnar commented Jan 29, 2021

It was already named like that when I fixed it in #44651. The renaming seems to come from ef403be.

@mweinelt mweinelt deleted the gobby branch January 29, 2021 15:17
@TredwellGit TredwellGit removed the 9.needs: port to stable A PR needs a backport to the stable release. label Aug 20, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Phreedom Phreedom Awaiting requested review from Phreedom

Assignees
No one assigned
Labels
1.severity: security 10.rebuild-darwin: 1-10 10.rebuild-darwin: 1 10.rebuild-linux: 1-10 10.rebuild-linux: 1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@mweinelt @jtojnar @SuperSandro2000 @TredwellGit