Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mullvad-vpn: 2020.2 -> 2020.3 #80721

Merged
merged 1 commit into from Apr 1, 2020
Merged

mullvad-vpn: 2020.2 -> 2020.3 #80721

merged 1 commit into from Apr 1, 2020

Conversation

emacsomancer
Copy link
Contributor

  • Security update:
    Fix stack overflow caused by WireGuard key rotation timers. When the daemon
    crashed it was restarted automatically. But it did not connect (depending
    on settings), leaving a leak.
Motivation for this change
Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@emacsomancer
mullvad-vpn: 2020.2 -> 2020.3
119ed06 
- Security update:
Fix stack overflow caused by WireGuard key rotation timers. When the daemon
crashed it was restarted automatically. But it did not connect (depending
on settings), leaving a leak.
KamilaBorowska
KamilaBorowska approved these changes Feb 21, 2020
View reviewed changes
Copy link
Member

@KamilaBorowska KamilaBorowska left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems really serious. Note to whoever merges this: please also backport this to 19.09 and 20.03.

jD91mZM2
jD91mZM2 approved these changes Mar 13, 2020
View reviewed changes
Copy link
Member

@jD91mZM2 jD91mZM2 left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nothing seems broken so far, good to merge!

@06kellyjac
Copy link
Member

It's great this has been approved but I'd be even better if this could be merged too 😅

@cgevans
Copy link
Contributor

cgevans commented Mar 27, 2020
edited

In testing this, I found that, at least at the moment, downloads from mullvad.net are extremely slow. If this isn't a one-time problem, would it make sense to use their github download instead (eg, url = "https://github.com/mullvad/mullvadvpn-app/releases/download/${version}/MullvadVPN-${version}_amd64.deb";)? Since github is already used frequently in derivations, this seems less likely to fail/hang from connectivity problems.

However, other than that, I have tested this update and it is working for me (alongside pr #70762).

@cgevans cgevans mentioned this pull request Mar 28, 2020
Merged
10 tasks
@marsam marsam merged commit dd1068f into NixOS:master Apr 1, 2020
@06kellyjac
Copy link
Member

Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@KamilaBorowska KamilaBorowska KamilaBorowska approved these changes

@Br1ght0ne Br1ght0ne Br1ght0ne approved these changes

@jD91mZM2 jD91mZM2 jD91mZM2 approved these changes

Assignees
No one assigned
Labels
10.rebuild-darwin: 0 10.rebuild-linux: 1-10
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@emacsomancer @06kellyjac @cgevans @KamilaBorowska @Br1ght0ne @jD91mZM2 @marsam