Skip to content

opentsdb: mark as insecure #110775

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 25, 2021
Merged

opentsdb: mark as insecure #110775

merged 1 commit into from
Jan 25, 2021
+3 −0

Conversation

dotlambda
Copy link
Member

Motivation for this change

OpenTSDB/opentsdb#2051 has not been addressed yet
fixes #109205

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

cc @ocharles

Sorry, something went wrong.

@dotlambda
opentsdb: mark as insecure

Verified

This commit was signed with the committer’s verified signature.
SamirHafez Samir Hafez
GPG key ID: 95806A3539FE7066
Verified
Learn about vigilant mode
570daf8 
OpenTSDB/opentsdb#2051 has not been addressed yet
@dotlambda dotlambda added 1.severity: security Issues which raise a security issue, or PRs that fix one 9.needs: port to stable A PR needs a backport to the stable release. labels Jan 25, 2021
SuperSandro2000
SuperSandro2000 reviewed Jan 25, 2021
View reviewed changes
Copy link
Member

@SuperSandro2000 SuperSandro2000 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we want to remove it entirely because it has no maintainer either.

@ofborg ofborg bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux labels Jan 25, 2021
@dotlambda
Copy link
Member Author

Maybe we want to remove it entirely because it has no maintainer either.

It is at the most recent version (see https://github.com/OpenTSDB/opentsdb/releases) and the repo had a commit as recently as October, so as long as it's working I wouldn't remove it.

@SuperSandro2000 SuperSandro2000 merged commit b7097b6 into NixOS:master Jan 25, 2021
@dotlambda dotlambda deleted the opentsdb-insecure branch January 25, 2021 17:56
@dotlambda
Copy link
Member Author

backport: #110801

@erictapen erictapen added 8.has: port to stable A PR already has a backport to the stable release. and removed 9.needs: port to stable A PR needs a backport to the stable release. labels Jan 27, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SuperSandro2000 SuperSandro2000

@rickynils rickynils

@gebner gebner

@vcunat vcunat

Assignees
No one assigned
Labels
1.severity: security Issues which raise a security issue, or PRs that fix one 8.has: port to stable A PR already has a backport to the stable release. 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Vulnerability roundup 98: opentsdb-2.4.0: 1 advisory [9.8]
3 participants
@dotlambda @SuperSandro2000 @erictapen