Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

exiv2: include recent Debian security patches #44464

Closed
wants to merge 1 commit into from
Closed

exiv2: include recent Debian security patches #44464

wants to merge 1 commit into from

Conversation

ckauhaus
Copy link
Contributor

@ckauhaus ckauhaus commented Aug 4, 2018

Motivation for this change

This patchset contains patches against:

Also adding GPL2 license.

Re #44457 (vulnerability roundup 46 - master)
Re #43716 (add missing licenses)

Please cherry pick to 18.03 if build on master is successful.

Re #44458 (vulnerability roundup 46 - 18.03)

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions: Ubuntu
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of some pkgs that depend on this change: darktable, digikam
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after): 34613256 -> 34613688
  • Fits CONTRIBUTING.md

exiv2: include recent Debian security patches
18e0d4f 
This patchset contains patches against:

* CVE-2018-10998
* CVE-2018-11531
* CVE-2018-12264
* CVE-2018-12265

Also adding GPL2 license.

Re NixOS#44457 (vulnerability roundup 46 - master)
Re NixOS#43716 (add missing licenses)

Please cherry pick to 18.03 if build on master is successful.

Re NixOS#44458 (vulnerability roundup 46 - 18.03)
@vcunat
Copy link
Member

vcunat commented Aug 4, 2018
edited

Uh, I actually just finished another approach to this :-)

@vcunat vcunat mentioned this pull request Aug 4, 2018
Merged
9 tasks
@vcunat
Copy link
Member

vcunat commented Aug 4, 2018

Well, opened as #44466 – it sounds like fixing also some non-security bugs, so perhaps we might take yours to 18.03 and mine to master. I don't know :-)

@ckauhaus
Copy link
Contributor Author

ckauhaus commented Aug 5, 2018

@vcunat I'm perfectly fine using your stuff on master and my stuff only on 18.03 as it is the smaller change.

@vcunat
Copy link
Member

vcunat commented Aug 5, 2018

In 18.03 as 2d2c2df (wrongly back-referenced).

@vcunat vcunat closed this Aug 5, 2018
@ckauhaus ckauhaus deleted the exiv2-debianpatches branch August 6, 2018 10:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
10.rebuild-darwin: 11-100 10.rebuild-linux: 101-500
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@ckauhaus @vcunat @GrahamcOfBorg