Skip to content

gsoap: 2.8.42 -> 2.8.49 #27484

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 19, 2017
Merged

gsoap: 2.8.42 -> 2.8.49 #27484

merged 1 commit into from
Jul 19, 2017
+20 −7

Conversation

peterhoeg
Copy link
Member

Motivation for this change

Fixes: CVE-2017-9765

http://blog.senr.io/blog/devils-ivy-flaw-in-widely-used-third-party-code-impacts-millions

@grahamc, are you OK with the other minor changes in this PR going into stable? There are no derivations in nixpkgs that depend on gsoap.

Things done
  • Tested using sandboxing
    (nix.useSandbox on NixOS,
    or option build-use-sandbox in nix.conf
    on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • Linux
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

Sorry, something went wrong.

@mention-bot
Copy link

@peterhoeg, thanks for your PR! By analyzing the history of the files in this pull request, we identified @rbvermaa, @NeQuissimus and @globin to be potential reviewers.

@Mic92
Copy link
Member

Mic92 commented Jul 19, 2017

yes, back-porting security fixes is recommend.

@Mic92 Mic92 added the 1.severity: security Issues which raise a security issue, or PRs that fix one label Jul 19, 2017
@grahamc
Copy link
Member

grahamc commented Jul 19, 2017 via email

@fpletz fpletz merged commit b2f1951 into NixOS:release-17.03 Jul 19, 2017
@peterhoeg peterhoeg deleted the f/gsoap_stable branch July 20, 2017 00:23
@peterhoeg peterhoeg restored the f/gsoap_stable branch July 20, 2017 00:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
1.severity: security Issues which raise a security issue, or PRs that fix one
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@peterhoeg @mention-bot @Mic92 @grahamc @fpletz