New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sqlite: 3.30.1 -> 3.31.0 (security) #78320
Conversation
Needs to go to staging. |
Yes. this triggers a mass rebuild, but it also target some severe CVEs. |
Still needs to go to staging, I think. Otherwise all of master is blocked for a while, and if there was some critical fix to some other thing that didn’t cause so many rebuilds, it wouldn’t be able to get through as quickly as it should be able to because of all the SQLite rebuilds. |
Ok, will rebase and update the PR. |
7ae6807
to
4774034
Compare
I am still very confused by the fact that the changelog mentiones none of the fixes, though the NVD links to Github commits clearly show that commits were made and are in the 3.31.0 release. Are these CVEs not release note worthy? |
4774034
to
6dfe216
Compare
@GrahamcOfBorg test grafana matrix-synapse |
The tests timed out/failed because dependencies apparently don't currently build on |
@disassembler @worldofpeace we may want this in 20.03, but there are always some regressions when updating sqlite. |
Motivation for this change
Related to #77944
Related to #77271
Related to #76033
Related to #76032
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
./result/bin/
)nix path-info -S
before and after)