Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

munin: 2.0.30 -> 2.0.33; for CVE-2017-6188 #24182

Merged
merged 2 commits into from Mar 22, 2017
Merged

munin: 2.0.30 -> 2.0.33; for CVE-2017-6188 #24182

merged 2 commits into from Mar 22, 2017

Conversation

ndowens
Copy link
Contributor

@ndowens ndowens commented Mar 21, 2017

Motivation for this change

Update;
Also to fix CVE: NixOS/security#36
Upstream Bug:
munin-monitoring/munin#721

Please test, as I am unsure how this app/program works

Things done
  • Tested using sandboxing
    (nix.useSandbox on NixOS,
    or option build-use-sandbox in nix.conf
    on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • Linux
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Fits CONTRIBUTING.md.

@Mic92 Mic92 self-assigned this Mar 21, 2017
@7c6f434c
Copy link
Member

@domenkozar I think munin test in nixos/tests/munix.nix fails (without the upgrade) on master and in release-16.09… Any comments on how to check that the update doesn't break anything?

@Mic92
Copy link
Member

Mic92 commented Mar 21, 2017
edited

I tested the service manually on unstable, somebody who can test it in 16.09?
Update I am working on fixing the tests.

@Mic92
Copy link
Member

Mic92 commented Mar 21, 2017
edited

ping maintainers: @domenkozar or @bjornfor do you have a chance to tests this on 16.09?

@Mic92 Mic92 removed their assignment Mar 21, 2017
@bjornfor
Copy link
Contributor

@Mic92: This doesn't apply cleanly on release-16.09: we need to cherry-pick a couple of other munin commits before this one. I can test / backport to release-16.09 after this gets merged to master.

@Mic92 Mic92 merged commit b2ba188 into NixOS:master Mar 22, 2017
@Mic92
Copy link
Member

Mic92 commented Mar 22, 2017

@bjornfor here we go.

@bjornfor
Copy link
Contributor

@Mic92: Building my system on release-17.03 now. (First backporting to release-17.03, then 16.09)

@bjornfor
Copy link
Contributor

Applied to release-17.03 and release-16.09.

I ran the NixOS test for munin (nixos/tests/munin.nix) and also tested both branches manually by looking at the log (nothing suspicious) and that it produces graphs (in my browser).

@Mic92
Copy link
Member

Mic92 commented Mar 23, 2017

@bjornfor thanks

@samueldr samueldr removed the 9.needs: port to stable A PR needs a backport to the stable release. label Apr 17, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fpletz fpletz fpletz approved these changes

@bjornfor bjornfor bjornfor approved these changes

@domenkozar domenkozar Awaiting requested review from domenkozar

Assignees
No one assigned
Labels
1.severity: security 8.has: package (update) 9.needs: community feedback
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@ndowens @7c6f434c @Mic92 @bjornfor @fpletz @samueldr @vcunat