Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

go_1_10: 1.10 -> 1.10.1, g_1_9: 1.9.4 -> 1.9.5 #38233

Merged
merged 2 commits into from Apr 4, 2018
Merged

go_1_10: 1.10 -> 1.10.1, g_1_9: 1.9.4 -> 1.9.5 #38233

merged 2 commits into from Apr 4, 2018

Conversation

andir
Copy link
Member

@andir andir commented Mar 31, 2018
edited

Motivation for this change

This updates go to the latest version of the golang 1.9 & 1.10 branches.
A few minor (but important) things are fixed in this version(s).

Below are the details for the 1.10 changes. Read the commit message for details about the 1.9 changes.

  • CVE-2018-7187 - arbitrary code execution in go get (when used with
    --insecure) [1]
  • Extended Key Usage verification in client certificate scenarios [3]
  • a bunch of stability changes

The full list of changes can se been on GitHub [2] & [4].

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7187
[2] https://github.com/golang/go/issues?q=milestone%3AGo1.10.1
[3] golang/go#23884
[4] golang/go#24563

Currently running a (re)build of all affected expressions on x86_64-linux.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option build-use-sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

@andir
go_1_10: 1.10 -> 1.10.1
568d30b 
This updates go to the latest version of the golang 1.10 branch.
A few minor (but important) things are fixed in this version:

* CVE-2018-7187 - arbitrary code execution in `go get` (when used with
  --insecure) [1]
* Extended Key Usage verification in client certificate scenarios [3]
* a bunch of stability changes

The full list of changes can se been on GitHub [2] & [4].

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7187
[2] https://github.com/golang/go/issues?q=milestone%3AGo1.10.1
[3] golang/go#23884
[4] golang/go#24563
@GrahamcOfBorg
Copy link

Success on x86_64-linux (full log)

Attempted: go_1_10

Partial log (click to expand)

cannot find section .dynamic
cannot find section .dynamic
cannot find section .dynamic
cannot find section .dynamic
cannot find section .dynamic
cannot find section .dynamic
cannot find section .dynamic
cannot find section .dynamic
cannot find section .dynamic
/nix/store/bw0gaaplq0n4yyb7qjd40k6qhwra1c4h-go-1.10.1

@GrahamcOfBorg
Copy link

Success on x86_64-darwin (full log)

Attempted: go_1_10

Partial log (click to expand)


ALL TESTS PASSED
---
Installed Go for darwin/amd64 in /nix/store/mq3abn6w0larkrmjsk203x3cp451md4r-go-1.10.1/share/go
Installed commands in /nix/store/mq3abn6w0larkrmjsk203x3cp451md4r-go-1.10.1/share/go/bin
post-installation fixup
strip is /nix/store/0fzpxnsanc02i4jsb1yhchjp4p62b2n3-cctools-binutils-darwin/bin/strip
stripping (with command strip and flags -S) in /nix/store/mq3abn6w0larkrmjsk203x3cp451md4r-go-1.10.1/bin
patching script interpreter paths in /nix/store/mq3abn6w0larkrmjsk203x3cp451md4r-go-1.10.1
/nix/store/mq3abn6w0larkrmjsk203x3cp451md4r-go-1.10.1

@GrahamcOfBorg
Copy link

Success on aarch64-linux (full log)

Attempted: go_1_10

Partial log (click to expand)

wrong ELF type
wrong ELF type
wrong ELF type
wrong ELF type
wrong ELF type
wrong ELF type
cannot find section .dynamic
cannot find section .dynamic
cannot find section .dynamic
/nix/store/ndv4qr7zgi0jzbggird9979jzq5y6ia3-go-1.10.1

@andir
Copy link
Member Author

andir commented Mar 31, 2018

Trying some other packages (to see what the other arches are like)

@GrahamcOfBorg build gopass docker prometheus

@GrahamcOfBorg
Copy link

Success on aarch64-linux (full log)

Attempted: gopass, docker, prometheus

Partial log (click to expand)

shrinking /nix/store/qq68fzbkfb0whq738py2hjib7qvvymq8-docker-18.03.0-ce/libexec/docker/dockerd
patching script interpreter paths in /nix/store/qq68fzbkfb0whq738py2hjib7qvvymq8-docker-18.03.0-ce
checking for references to /build in /nix/store/qq68fzbkfb0whq738py2hjib7qvvymq8-docker-18.03.0-ce...
shrinking RPATHs of ELF executables and libraries in /nix/store/n5v5hm0yn1gswqnhm73nsy2rf25iif7d-docker-18.03.0-ce-man
gzipping man pages under /nix/store/n5v5hm0yn1gswqnhm73nsy2rf25iif7d-docker-18.03.0-ce-man/share/man/
patching script interpreter paths in /nix/store/n5v5hm0yn1gswqnhm73nsy2rf25iif7d-docker-18.03.0-ce-man
checking for references to /build in /nix/store/n5v5hm0yn1gswqnhm73nsy2rf25iif7d-docker-18.03.0-ce-man...
/nix/store/whjpf09mxzwv69xralhczgh1vbpxg7ws-gopass-1.6.11-bin
/nix/store/qq68fzbkfb0whq738py2hjib7qvvymq8-docker-18.03.0-ce
/nix/store/q3m8rw4pdninx5wp0g703hr8xc2y0rdz-prometheus-1.8.1-bin

@GrahamcOfBorg
Copy link

Success on x86_64-linux (full log)

Attempted: gopass, docker, prometheus

Partial log (click to expand)

shrinking /nix/store/b39yib2lzarb2crdk34zg6ryq5nkhbgd-docker-18.03.0-ce/libexec/docker/dockerd
patching script interpreter paths in /nix/store/b39yib2lzarb2crdk34zg6ryq5nkhbgd-docker-18.03.0-ce
checking for references to /build in /nix/store/b39yib2lzarb2crdk34zg6ryq5nkhbgd-docker-18.03.0-ce...
shrinking RPATHs of ELF executables and libraries in /nix/store/jjkjfljx6l0zvcj3l3v6clf3wdq3m5xz-docker-18.03.0-ce-man
gzipping man pages under /nix/store/jjkjfljx6l0zvcj3l3v6clf3wdq3m5xz-docker-18.03.0-ce-man/share/man/
patching script interpreter paths in /nix/store/jjkjfljx6l0zvcj3l3v6clf3wdq3m5xz-docker-18.03.0-ce-man
checking for references to /build in /nix/store/jjkjfljx6l0zvcj3l3v6clf3wdq3m5xz-docker-18.03.0-ce-man...
/nix/store/49d3i06b6s4fdr894s5ar16mw1vjk2pc-gopass-1.6.11-bin
/nix/store/b39yib2lzarb2crdk34zg6ryq5nkhbgd-docker-18.03.0-ce
/nix/store/0zjs2xdsljsb4wm6y330q40l7ldwjylh-prometheus-1.8.1-bin

@GrahamcOfBorg
Copy link

Success on x86_64-darwin (full log)

Attempted: gopass, docker, prometheus

Partial log (click to expand)

patching script interpreter paths in /nix/store/lfr4ggr3j1v1ccyf9ww7vhvigw69i93i-prometheus-1.8.1-bin
strip is /nix/store/0fzpxnsanc02i4jsb1yhchjp4p62b2n3-cctools-binutils-darwin/bin/strip
patching script interpreter paths in /nix/store/cc209m56g48x1mx132fv1fhvjq1sjpcf-prometheus-1.8.1
/nix/store/cc209m56g48x1mx132fv1fhvjq1sjpcf-prometheus-1.8.1/share/go/src/github.com/prometheus/prometheus/scripts/check_license.sh: interpreter directive changed from "/bin/sh" to "/nix/store/x030a63qdilnv02pkivfjg44pdxsh5km-bash-4.4-p19/bin/sh"
/nix/store/cc209m56g48x1mx132fv1fhvjq1sjpcf-prometheus-1.8.1/share/go/src/github.com/prometheus/prometheus/vendor/google.golang.org/appengine/internal/regen.sh: interpreter directive changed from "/bin/bash -e" to "/nix/store/x030a63qdilnv02pkivfjg44pdxsh5km-bash-4.4-p19/bin/bash -e"
/nix/store/cc209m56g48x1mx132fv1fhvjq1sjpcf-prometheus-1.8.1/share/go/src/github.com/prometheus/prometheus/vendor/golang.org/x/sys/unix/mkall.sh: interpreter directive changed from "/usr/bin/env bash" to "/nix/store/x030a63qdilnv02pkivfjg44pdxsh5km-bash-4.4-p19/bin/bash"
/nix/store/cc209m56g48x1mx132fv1fhvjq1sjpcf-prometheus-1.8.1/share/go/src/github.com/prometheus/prometheus/vendor/golang.org/x/sys/unix/mkerrors.sh: interpreter directive changed from "/usr/bin/env bash" to "/nix/store/x030a63qdilnv02pkivfjg44pdxsh5km-bash-4.4-p19/bin/bash"
/nix/store/zwbg2v2chcksq201nzfa5jl6kd199nx4-gopass-1.6.11-bin
/nix/store/rhn5mn4zphwfv131cvkx01wk6q61xwyp-docker-18.03.0-ce
/nix/store/lfr4ggr3j1v1ccyf9ww7vhvigw69i93i-prometheus-1.8.1-bin

Mic92
Mic92 approved these changes Mar 31, 2018
View reviewed changes
Copy link
Member

@Mic92 Mic92 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are older versions of go also affected?

@Mic92 Mic92 added 1.severity: security 9.needs: port to stable A PR needs a backport to the stable release. labels Mar 31, 2018
@andir
Copy link
Member Author

andir commented Mar 31, 2018

@Mic92 yes, according to https://go-review.googlesource.com/c/go/+/102776 there is also a patch for 1.9.5. I'll try to test that later tonight.

@andir
go_1_9: 1.9.4 -> 1.9.5
e9f74b9 
This is a maintenance bump of the golang 1.9 version.

Within the updates are a few bug fixes including an (extended?)
fix for CVE-2018-7187 [1].

The complete changelog is available at the golang GitHub project [2].

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7187
[2] https://github.com/golang/go/issues?q=milestone%3AGo1.9.5
@andir andir changed the title go_1_10: 1.10 -> 1.10.1 go_1_10: 1.10 -> 1.10.1, g_1_9: 1.9.4 -> 1.9.5 Apr 1, 2018
@andir
Copy link
Member Author

andir commented Apr 1, 2018

I added the changes for golang 1.9.5 to this PR.

Running a rebuild of all affected packages right now.

@GrahamcOfBorg
Copy link

Success on x86_64-linux (full log)

Attempted: go_1_10, go_1_9

Partial log (click to expand)

cannot find section .dynamic
cannot find section .dynamic
cannot find section .dynamic
cannot find section .dynamic
cannot find section .dynamic
cannot find section .dynamic
cannot find section .dynamic
cannot find section .dynamic
/nix/store/bw0gaaplq0n4yyb7qjd40k6qhwra1c4h-go-1.10.1
/nix/store/ybmqsky9dx2lqixb1sghcbgymn8glbc2-go-1.9.5

@GrahamcOfBorg
Copy link

Success on aarch64-linux (full log)

Attempted: go_1_10, go_1_9

Partial log (click to expand)

wrong ELF type
wrong ELF type
wrong ELF type
wrong ELF type
wrong ELF type
cannot find section .dynamic
cannot find section .dynamic
cannot find section .dynamic
/nix/store/ndv4qr7zgi0jzbggird9979jzq5y6ia3-go-1.10.1
/nix/store/8x84s8yi9nry1ipa84dq81ryv129i63h-go-1.9.5

@GrahamcOfBorg
Copy link

Failure on x86_64-darwin (full log)

Attempted: go_1_10, go_1_9

Partial log (click to expand)

patching script interpreter paths in /nix/store/1cwykw0y69hfzg18rnyaaf09qmq8awa4-go-1.9.5

##### ../test/bench/go1
testing: warning: no tests to run
PASS
ok      _/nix/store/mq3abn6w0larkrmjsk203x3cp451md4r-go-1.10.1/share/go/test/bench/go1  29.334s

##### ../test
building of '/nix/store/j5glijam5hvnvwc3g6asd8yjf049nr9j-go-1.10.1.drv' timed out after 1800 seconds
�[31;1merror:�[0m build of '/nix/store/j5glijam5hvnvwc3g6asd8yjf049nr9j-go-1.10.1.drv' failed

@Mic92
Copy link
Member

Mic92 commented Apr 1, 2018

@GrahamcOfBorg build kubernetes
(for go 1.9)

@GrahamcOfBorg
Copy link

Success on x86_64-linux (full log)

Attempted: kubernetes

Partial log (click to expand)

strip is /nix/store/fzcs0fn6bb04m82frhlb78nc03ny3w55-binutils-2.28.1/bin/strip
patching script interpreter paths in /nix/store/4ipa16id665l3l6ws3ry2x81fyvvn961-kubernetes-1.9.1-man
checking for references to /build in /nix/store/4ipa16id665l3l6ws3ry2x81fyvvn961-kubernetes-1.9.1-man...
shrinking RPATHs of ELF executables and libraries in /nix/store/avswr6fgr1cbfqdf6pg1yi7xn4aw0i2z-kubernetes-1.9.1-pause
shrinking /nix/store/avswr6fgr1cbfqdf6pg1yi7xn4aw0i2z-kubernetes-1.9.1-pause/bin/pause
strip is /nix/store/fzcs0fn6bb04m82frhlb78nc03ny3w55-binutils-2.28.1/bin/strip
stripping (with command strip and flags -S) in /nix/store/avswr6fgr1cbfqdf6pg1yi7xn4aw0i2z-kubernetes-1.9.1-pause/bin
patching script interpreter paths in /nix/store/avswr6fgr1cbfqdf6pg1yi7xn4aw0i2z-kubernetes-1.9.1-pause
checking for references to /build in /nix/store/avswr6fgr1cbfqdf6pg1yi7xn4aw0i2z-kubernetes-1.9.1-pause...
/nix/store/iiyhx0gfal70mgia0db2jdk0acl7vdzx-kubernetes-1.9.1

@GrahamcOfBorg
Copy link

Success on aarch64-linux (full log)

Attempted: kubernetes

Partial log (click to expand)

strip is /nix/store/3zq400fri5dv7d30lpxlqm2v9y1iis6j-binutils-2.28.1/bin/strip
patching script interpreter paths in /nix/store/sgnj49qy8blb634g1vi6n1lq09nfmc1i-kubernetes-1.9.1-man
checking for references to /build in /nix/store/sgnj49qy8blb634g1vi6n1lq09nfmc1i-kubernetes-1.9.1-man...
shrinking RPATHs of ELF executables and libraries in /nix/store/icbqlq7pcyfkv1d0rszgmd77ldf17gp9-kubernetes-1.9.1-pause
shrinking /nix/store/icbqlq7pcyfkv1d0rszgmd77ldf17gp9-kubernetes-1.9.1-pause/bin/pause
strip is /nix/store/3zq400fri5dv7d30lpxlqm2v9y1iis6j-binutils-2.28.1/bin/strip
stripping (with command strip and flags -S) in /nix/store/icbqlq7pcyfkv1d0rszgmd77ldf17gp9-kubernetes-1.9.1-pause/bin
patching script interpreter paths in /nix/store/icbqlq7pcyfkv1d0rszgmd77ldf17gp9-kubernetes-1.9.1-pause
checking for references to /build in /nix/store/icbqlq7pcyfkv1d0rszgmd77ldf17gp9-kubernetes-1.9.1-pause...
/nix/store/y4gybxhf7j1zd9baaq1vpvp6acv30rc5-kubernetes-1.9.1

@GrahamcOfBorg
Copy link

Failure on x86_64-darwin (full log)

Attempted: kubernetes

Partial log (click to expand)

    cmd/kubectl
    cmd/kubelet
    cmd/kube-apiserver
    cmd/kube-controller-manager
    cmd/kube-proxy
    plugin/cmd/kube-scheduler
    test/e2e/e2e.test
    *******
building of '/nix/store/0gjv8l2lp1ryn2a4z9p3saqqd1zscw19-kubernetes-1.9.1.drv' timed out after 1800 seconds
�[31;1merror:�[0m build of '/nix/store/0gjv8l2lp1ryn2a4z9p3saqqd1zscw19-kubernetes-1.9.1.drv' failed

@Mic92 Mic92 merged commit b41e506 into NixOS:master Apr 4, 2018
@Mic92
Copy link
Member

Mic92 commented Apr 4, 2018

18.03:

[detached HEAD ba49d72] go_1_10: 1.10 -> 1.10.1
Author: Andreas Rammhold andreas@rammhold.de
Date: Sat Mar 31 16:53:10 2018 +0200
1 file changed, 2 insertions(+), 2 deletions(-)
[detached HEAD 41164d9] go_1_9: 1.9.4 -> 1.9.5
Author: Andreas Rammhold andreas@rammhold.de
Date: Sun Apr 1 12:44:08 2018 +0200
1 file changed, 2 insertions(+), 2 deletions(-)

17.09 could also need a backport ...

@Mic92
Copy link
Member

Mic92 commented Apr 4, 2018

17.09:

[detached HEAD aa63817] go: 1.9.2 -> 1.9.3
Author: adisbladis adis@blad.is
Date: Wed Jan 24 18:05:55 2018 +0800
1 file changed, 2 insertions(+), 2 deletions(-)
[detached HEAD 121df5f] go: Scale up test timeouts
Author: Tuomas Tynkkynen tuomas@tuxera.com
Date: Fri Jan 26 03:49:24 2018 +0200
1 file changed, 2 insertions(+)
[detached HEAD 357efa3] go_1_9: 1.9.3 -> 1.9.4
Author: adisbladis adis@blad.is
Date: Sun Feb 11 00:47:50 2018 +0800
1 file changed, 2 insertions(+), 2 deletions(-)
warning: inexact rename detection was skipped due to too many files.
warning: you may want to set your merge.renamelimit variable to at least 2332 and retry the command.
[detached HEAD 4e9fa5c] go_1_9: 1.9.4 -> 1.9.5
Author: Andreas Rammhold andreas@rammhold.de
Date: Sun Apr 1 12:44:08 2018 +0200

@samueldr samueldr removed the 9.needs: port to stable A PR needs a backport to the stable release. label Apr 17, 2019
bclaud added a commit to nixpkgs-friendly/nixpkgs-friendly that referenced this pull request Mar 19, 2024
@bclaud
quarkus-cli: init 3.2.11.Final
0c5d3ac 
Release: https://github.com/quarkusio/quarkus/releases/tag/3.2.11.Final

Complete changelog

    NixOS#35659 - Fix File handling as a JAX-RS body parameter
    NixOS#37153 - Bump smallrye-jwt version to 4.4.0
    NixOS#38233 - Bump resteasy.version from 6.2.6.Final to 6.2.7.Final
    NixOS#38236 - Adding a decorator causes bytecode error
    NixOS#38362 - Register JDBC RowSet required bundle
    NixOS#38370 - Include RowSet properties file in native image
    NixOS#38429 - Replace {project-name} attribute in document title for downstream
    NixOS#38430 - Avoid dots in config doc ids as it's causing issues for downstream
    NixOS#38580 - Make the Forwarded Parser syntax parsing case-insensitive
    NixOS#38648 - More documentation adjustments for new downstream tooling
    NixOS#38649 - Use [[anchor]] format consistently
    NixOS#38748 - Sanitize app.dekorate.io/vcs-url kubernetes annotation
    NixOS#38755 - Log when a RestEasy Reactive client close method is called
    NixOS#38785 - ArC: fix interception when some methods return void
    NixOS#38865 - Update commons-compress version to mitigate CVE-2024-25710
superherointj pushed a commit to nixpkgs-friendly/nixpkgs-friendly that referenced this pull request Mar 21, 2024
@bclaud @superherointj
quarkus-cli: init 3.2.11.Final
3c3d32d 
Release: https://github.com/quarkusio/quarkus/releases/tag/3.2.11.Final

Complete changelog

    NixOS#35659 - Fix File handling as a JAX-RS body parameter
    NixOS#37153 - Bump smallrye-jwt version to 4.4.0
    NixOS#38233 - Bump resteasy.version from 6.2.6.Final to 6.2.7.Final
    NixOS#38236 - Adding a decorator causes bytecode error
    NixOS#38362 - Register JDBC RowSet required bundle
    NixOS#38370 - Include RowSet properties file in native image
    NixOS#38429 - Replace {project-name} attribute in document title for downstream
    NixOS#38430 - Avoid dots in config doc ids as it's causing issues for downstream
    NixOS#38580 - Make the Forwarded Parser syntax parsing case-insensitive
    NixOS#38648 - More documentation adjustments for new downstream tooling
    NixOS#38649 - Use [[anchor]] format consistently
    NixOS#38748 - Sanitize app.dekorate.io/vcs-url kubernetes annotation
    NixOS#38755 - Log when a RestEasy Reactive client close method is called
    NixOS#38785 - ArC: fix interception when some methods return void
    NixOS#38865 - Update commons-compress version to mitigate CVE-2024-25710
superherointj pushed a commit to nixpkgs-friendly/nixpkgs-friendly that referenced this pull request Mar 22, 2024
@bclaud @superherointj
quarkus-cli: init 3.2.11.Final
d2a5ab9 
Release: https://github.com/quarkusio/quarkus/releases/tag/3.2.11.Final

Complete changelog

    NixOS#35659 - Fix File handling as a JAX-RS body parameter
    NixOS#37153 - Bump smallrye-jwt version to 4.4.0
    NixOS#38233 - Bump resteasy.version from 6.2.6.Final to 6.2.7.Final
    NixOS#38236 - Adding a decorator causes bytecode error
    NixOS#38362 - Register JDBC RowSet required bundle
    NixOS#38370 - Include RowSet properties file in native image
    NixOS#38429 - Replace {project-name} attribute in document title for downstream
    NixOS#38430 - Avoid dots in config doc ids as it's causing issues for downstream
    NixOS#38580 - Make the Forwarded Parser syntax parsing case-insensitive
    NixOS#38648 - More documentation adjustments for new downstream tooling
    NixOS#38649 - Use [[anchor]] format consistently
    NixOS#38748 - Sanitize app.dekorate.io/vcs-url kubernetes annotation
    NixOS#38755 - Log when a RestEasy Reactive client close method is called
    NixOS#38785 - ArC: fix interception when some methods return void
    NixOS#38865 - Update commons-compress version to mitigate CVE-2024-25710
superherointj pushed a commit to nixpkgs-friendly/nixpkgs-friendly that referenced this pull request Mar 24, 2024
@bclaud @superherointj
quarkus-cli: init 3.2.11.Final
62b4325 
Release: https://github.com/quarkusio/quarkus/releases/tag/3.2.11.Final

Complete changelog

    NixOS#35659 - Fix File handling as a JAX-RS body parameter
    NixOS#37153 - Bump smallrye-jwt version to 4.4.0
    NixOS#38233 - Bump resteasy.version from 6.2.6.Final to 6.2.7.Final
    NixOS#38236 - Adding a decorator causes bytecode error
    NixOS#38362 - Register JDBC RowSet required bundle
    NixOS#38370 - Include RowSet properties file in native image
    NixOS#38429 - Replace {project-name} attribute in document title for downstream
    NixOS#38430 - Avoid dots in config doc ids as it's causing issues for downstream
    NixOS#38580 - Make the Forwarded Parser syntax parsing case-insensitive
    NixOS#38648 - More documentation adjustments for new downstream tooling
    NixOS#38649 - Use [[anchor]] format consistently
    NixOS#38748 - Sanitize app.dekorate.io/vcs-url kubernetes annotation
    NixOS#38755 - Log when a RestEasy Reactive client close method is called
    NixOS#38785 - ArC: fix interception when some methods return void
    NixOS#38865 - Update commons-compress version to mitigate CVE-2024-25710
superherointj pushed a commit to nixpkgs-friendly/nixpkgs-friendly that referenced this pull request Mar 26, 2024
@bclaud @superherointj
quarkus-cli: init 3.2.11.Final
16a3e3f 
Release: https://github.com/quarkusio/quarkus/releases/tag/3.2.11.Final

Complete changelog

    NixOS#35659 - Fix File handling as a JAX-RS body parameter
    NixOS#37153 - Bump smallrye-jwt version to 4.4.0
    NixOS#38233 - Bump resteasy.version from 6.2.6.Final to 6.2.7.Final
    NixOS#38236 - Adding a decorator causes bytecode error
    NixOS#38362 - Register JDBC RowSet required bundle
    NixOS#38370 - Include RowSet properties file in native image
    NixOS#38429 - Replace {project-name} attribute in document title for downstream
    NixOS#38430 - Avoid dots in config doc ids as it's causing issues for downstream
    NixOS#38580 - Make the Forwarded Parser syntax parsing case-insensitive
    NixOS#38648 - More documentation adjustments for new downstream tooling
    NixOS#38649 - Use [[anchor]] format consistently
    NixOS#38748 - Sanitize app.dekorate.io/vcs-url kubernetes annotation
    NixOS#38755 - Log when a RestEasy Reactive client close method is called
    NixOS#38785 - ArC: fix interception when some methods return void
    NixOS#38865 - Update commons-compress version to mitigate CVE-2024-25710
superherointj pushed a commit to nixpkgs-friendly/nixpkgs-friendly that referenced this pull request Mar 31, 2024
@bclaud @superherointj
quarkus-cli: init 3.2.11.Final
c02440f 
Release: https://github.com/quarkusio/quarkus/releases/tag/3.2.11.Final

Complete changelog

    NixOS#35659 - Fix File handling as a JAX-RS body parameter
    NixOS#37153 - Bump smallrye-jwt version to 4.4.0
    NixOS#38233 - Bump resteasy.version from 6.2.6.Final to 6.2.7.Final
    NixOS#38236 - Adding a decorator causes bytecode error
    NixOS#38362 - Register JDBC RowSet required bundle
    NixOS#38370 - Include RowSet properties file in native image
    NixOS#38429 - Replace {project-name} attribute in document title for downstream
    NixOS#38430 - Avoid dots in config doc ids as it's causing issues for downstream
    NixOS#38580 - Make the Forwarded Parser syntax parsing case-insensitive
    NixOS#38648 - More documentation adjustments for new downstream tooling
    NixOS#38649 - Use [[anchor]] format consistently
    NixOS#38748 - Sanitize app.dekorate.io/vcs-url kubernetes annotation
    NixOS#38755 - Log when a RestEasy Reactive client close method is called
    NixOS#38785 - ArC: fix interception when some methods return void
    NixOS#38865 - Update commons-compress version to mitigate CVE-2024-25710
superherointj pushed a commit to nixpkgs-friendly/nixpkgs-friendly that referenced this pull request Apr 5, 2024
@bclaud @superherointj
quarkus-cli: init 3.2.11.Final
9be6713 
Release: https://github.com/quarkusio/quarkus/releases/tag/3.2.11.Final

Complete changelog

    NixOS#35659 - Fix File handling as a JAX-RS body parameter
    NixOS#37153 - Bump smallrye-jwt version to 4.4.0
    NixOS#38233 - Bump resteasy.version from 6.2.6.Final to 6.2.7.Final
    NixOS#38236 - Adding a decorator causes bytecode error
    NixOS#38362 - Register JDBC RowSet required bundle
    NixOS#38370 - Include RowSet properties file in native image
    NixOS#38429 - Replace {project-name} attribute in document title for downstream
    NixOS#38430 - Avoid dots in config doc ids as it's causing issues for downstream
    NixOS#38580 - Make the Forwarded Parser syntax parsing case-insensitive
    NixOS#38648 - More documentation adjustments for new downstream tooling
    NixOS#38649 - Use [[anchor]] format consistently
    NixOS#38748 - Sanitize app.dekorate.io/vcs-url kubernetes annotation
    NixOS#38755 - Log when a RestEasy Reactive client close method is called
    NixOS#38785 - ArC: fix interception when some methods return void
    NixOS#38865 - Update commons-compress version to mitigate CVE-2024-25710
superherointj pushed a commit to nixpkgs-friendly/nixpkgs-friendly that referenced this pull request Apr 7, 2024
@bclaud @superherointj
quarkus-cli: init 3.2.11.Final
6548084 
Release: https://github.com/quarkusio/quarkus/releases/tag/3.2.11.Final

Complete changelog

    NixOS#35659 - Fix File handling as a JAX-RS body parameter
    NixOS#37153 - Bump smallrye-jwt version to 4.4.0
    NixOS#38233 - Bump resteasy.version from 6.2.6.Final to 6.2.7.Final
    NixOS#38236 - Adding a decorator causes bytecode error
    NixOS#38362 - Register JDBC RowSet required bundle
    NixOS#38370 - Include RowSet properties file in native image
    NixOS#38429 - Replace {project-name} attribute in document title for downstream
    NixOS#38430 - Avoid dots in config doc ids as it's causing issues for downstream
    NixOS#38580 - Make the Forwarded Parser syntax parsing case-insensitive
    NixOS#38648 - More documentation adjustments for new downstream tooling
    NixOS#38649 - Use [[anchor]] format consistently
    NixOS#38748 - Sanitize app.dekorate.io/vcs-url kubernetes annotation
    NixOS#38755 - Log when a RestEasy Reactive client close method is called
    NixOS#38785 - ArC: fix interception when some methods return void
    NixOS#38865 - Update commons-compress version to mitigate CVE-2024-25710
superherointj pushed a commit to nixpkgs-friendly/nixpkgs-friendly that referenced this pull request Apr 9, 2024
@bclaud @superherointj
quarkus-cli: init 3.2.11.Final
2179bf8 
Release: https://github.com/quarkusio/quarkus/releases/tag/3.2.11.Final

Complete changelog

    NixOS#35659 - Fix File handling as a JAX-RS body parameter
    NixOS#37153 - Bump smallrye-jwt version to 4.4.0
    NixOS#38233 - Bump resteasy.version from 6.2.6.Final to 6.2.7.Final
    NixOS#38236 - Adding a decorator causes bytecode error
    NixOS#38362 - Register JDBC RowSet required bundle
    NixOS#38370 - Include RowSet properties file in native image
    NixOS#38429 - Replace {project-name} attribute in document title for downstream
    NixOS#38430 - Avoid dots in config doc ids as it's causing issues for downstream
    NixOS#38580 - Make the Forwarded Parser syntax parsing case-insensitive
    NixOS#38648 - More documentation adjustments for new downstream tooling
    NixOS#38649 - Use [[anchor]] format consistently
    NixOS#38748 - Sanitize app.dekorate.io/vcs-url kubernetes annotation
    NixOS#38755 - Log when a RestEasy Reactive client close method is called
    NixOS#38785 - ArC: fix interception when some methods return void
    NixOS#38865 - Update commons-compress version to mitigate CVE-2024-25710
superherointj pushed a commit to nixpkgs-friendly/nixpkgs-friendly that referenced this pull request Apr 12, 2024
@bclaud @superherointj
quarkus-cli: init 3.2.11.Final
88e8eca 
Release: https://github.com/quarkusio/quarkus/releases/tag/3.2.11.Final

Complete changelog

    NixOS#35659 - Fix File handling as a JAX-RS body parameter
    NixOS#37153 - Bump smallrye-jwt version to 4.4.0
    NixOS#38233 - Bump resteasy.version from 6.2.6.Final to 6.2.7.Final
    NixOS#38236 - Adding a decorator causes bytecode error
    NixOS#38362 - Register JDBC RowSet required bundle
    NixOS#38370 - Include RowSet properties file in native image
    NixOS#38429 - Replace {project-name} attribute in document title for downstream
    NixOS#38430 - Avoid dots in config doc ids as it's causing issues for downstream
    NixOS#38580 - Make the Forwarded Parser syntax parsing case-insensitive
    NixOS#38648 - More documentation adjustments for new downstream tooling
    NixOS#38649 - Use [[anchor]] format consistently
    NixOS#38748 - Sanitize app.dekorate.io/vcs-url kubernetes annotation
    NixOS#38755 - Log when a RestEasy Reactive client close method is called
    NixOS#38785 - ArC: fix interception when some methods return void
    NixOS#38865 - Update commons-compress version to mitigate CVE-2024-25710
superherointj pushed a commit to nixpkgs-friendly/nixpkgs-friendly that referenced this pull request Apr 14, 2024
@bclaud @superherointj
quarkus-cli: init 3.2.11.Final
2327b8f 
Release: https://github.com/quarkusio/quarkus/releases/tag/3.2.11.Final

Complete changelog

    NixOS#35659 - Fix File handling as a JAX-RS body parameter
    NixOS#37153 - Bump smallrye-jwt version to 4.4.0
    NixOS#38233 - Bump resteasy.version from 6.2.6.Final to 6.2.7.Final
    NixOS#38236 - Adding a decorator causes bytecode error
    NixOS#38362 - Register JDBC RowSet required bundle
    NixOS#38370 - Include RowSet properties file in native image
    NixOS#38429 - Replace {project-name} attribute in document title for downstream
    NixOS#38430 - Avoid dots in config doc ids as it's causing issues for downstream
    NixOS#38580 - Make the Forwarded Parser syntax parsing case-insensitive
    NixOS#38648 - More documentation adjustments for new downstream tooling
    NixOS#38649 - Use [[anchor]] format consistently
    NixOS#38748 - Sanitize app.dekorate.io/vcs-url kubernetes annotation
    NixOS#38755 - Log when a RestEasy Reactive client close method is called
    NixOS#38785 - ArC: fix interception when some methods return void
    NixOS#38865 - Update commons-compress version to mitigate CVE-2024-25710
superherointj pushed a commit to nixpkgs-friendly/nixpkgs-friendly that referenced this pull request Apr 16, 2024
@bclaud @superherointj
quarkus-cli: init 3.2.11.Final
85a9cb3 
Release: https://github.com/quarkusio/quarkus/releases/tag/3.2.11.Final

Complete changelog

    NixOS#35659 - Fix File handling as a JAX-RS body parameter
    NixOS#37153 - Bump smallrye-jwt version to 4.4.0
    NixOS#38233 - Bump resteasy.version from 6.2.6.Final to 6.2.7.Final
    NixOS#38236 - Adding a decorator causes bytecode error
    NixOS#38362 - Register JDBC RowSet required bundle
    NixOS#38370 - Include RowSet properties file in native image
    NixOS#38429 - Replace {project-name} attribute in document title for downstream
    NixOS#38430 - Avoid dots in config doc ids as it's causing issues for downstream
    NixOS#38580 - Make the Forwarded Parser syntax parsing case-insensitive
    NixOS#38648 - More documentation adjustments for new downstream tooling
    NixOS#38649 - Use [[anchor]] format consistently
    NixOS#38748 - Sanitize app.dekorate.io/vcs-url kubernetes annotation
    NixOS#38755 - Log when a RestEasy Reactive client close method is called
    NixOS#38785 - ArC: fix interception when some methods return void
    NixOS#38865 - Update commons-compress version to mitigate CVE-2024-25710
superherointj pushed a commit to nixpkgs-friendly/nixpkgs-friendly that referenced this pull request Apr 18, 2024
@bclaud @superherointj
quarkus-cli: init 3.2.11.Final
37c882f 
Release: https://github.com/quarkusio/quarkus/releases/tag/3.2.11.Final

Complete changelog

    NixOS#35659 - Fix File handling as a JAX-RS body parameter
    NixOS#37153 - Bump smallrye-jwt version to 4.4.0
    NixOS#38233 - Bump resteasy.version from 6.2.6.Final to 6.2.7.Final
    NixOS#38236 - Adding a decorator causes bytecode error
    NixOS#38362 - Register JDBC RowSet required bundle
    NixOS#38370 - Include RowSet properties file in native image
    NixOS#38429 - Replace {project-name} attribute in document title for downstream
    NixOS#38430 - Avoid dots in config doc ids as it's causing issues for downstream
    NixOS#38580 - Make the Forwarded Parser syntax parsing case-insensitive
    NixOS#38648 - More documentation adjustments for new downstream tooling
    NixOS#38649 - Use [[anchor]] format consistently
    NixOS#38748 - Sanitize app.dekorate.io/vcs-url kubernetes annotation
    NixOS#38755 - Log when a RestEasy Reactive client close method is called
    NixOS#38785 - ArC: fix interception when some methods return void
    NixOS#38865 - Update commons-compress version to mitigate CVE-2024-25710
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Mic92 Mic92 Mic92 approved these changes

Assignees
No one assigned
Labels
1.severity: security 6.topic: golang 10.rebuild-darwin: 101-500 10.rebuild-linux: 101-500
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@andir @GrahamcOfBorg @Mic92 @samueldr