Skip to content

expat: 2.2.10 -> 2.4.1 (CVE-2013-0340)#124212

Merged
SuperSandro2000 merged 2 commits intoNixOS:stagingfrom
hartwork:update-expat-2-4-1
Jun 12, 2021
Merged

expat: 2.2.10 -> 2.4.1 (CVE-2013-0340)#124212
SuperSandro2000 merged 2 commits intoNixOS:stagingfrom
hartwork:update-expat-2-4-1

Conversation

@hartwork
Copy link
Contributor

@hartwork hartwork commented May 23, 2021
edited
Loading

Motivation for this change

Security fixes (CVE-2013-0340)

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Added a release notes entry if the change is major or breaking
  • Fits CONTRIBUTING.md.

@hartwork hartwork mentioned this pull request May 23, 2021
Closed
53 tasks
@ofborg ofborg bot added 10.rebuild-darwin-stdenv This PR causes stdenv to rebuild on Darwin and must target a staging branch. 10.rebuild-linux-stdenv This PR causes stdenv to rebuild on Linux and must target a staging branch. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. labels May 24, 2021
SuperSandro2000
SuperSandro2000 requested changes May 24, 2021
View reviewed changes
@hartwork hartwork force-pushed the update-expat-2-4-1 branch from 2fc2e6a to 8e226ae Compare May 24, 2021 02:18
@hartwork hartwork requested a review from SuperSandro2000 May 25, 2021 14:01
@SuperSandro2000
Copy link
Member

SuperSandro2000 commented May 27, 2021

@ofborg build expat

@risicle risicle added the 1.severity: security Issues which raise a security issue, or PRs that fix one label May 30, 2021
@hartwork
Copy link
Contributor Author

hartwork commented May 31, 2021

@SuperSandro2000 any news?

@Mindavi
Copy link
Contributor

Mindavi commented Jun 1, 2021

Changelog seems fine, build for x86-64 has passed.

Diff LGTM

@Mindavi Mindavi added the 8.has: upstream changes reviewed Reviewer checked the changelogs/commit logs associated with the release and did not find any issues. label Jun 1, 2021
@SuperSandro2000
Copy link
Member

SuperSandro2000 commented Jun 3, 2021

@ofborg build expat

@hartwork
Copy link
Contributor Author

hartwork commented Jun 9, 2021
edited
Loading

@SuperSandro2000 if there are no more changes needed on my side, could you approve the PR so the it no longer communicates "not ready" to the rest of the world? If there are changes needed, how can I help to make CI happy?

@SuperSandro2000
Copy link
Member

SuperSandro2000 commented Jun 9, 2021

if there are no more changes needed on my side, could you approve the PR so the it no longer communicates "not ready" to the rest of the world?

That doesn't really matter is not blocking any merge.

SuperSandro2000
SuperSandro2000 reviewed Jun 9, 2021
View reviewed changes
@hartwork hartwork force-pushed the update-expat-2-4-1 branch from 8e226ae to b4bf80c Compare June 9, 2021 14:04
@hartwork
Copy link
Contributor Author

hartwork commented Jun 9, 2021

That doesn't really matter is not blocking any merge.

I respectfully disagree. It communicates something in 2 seconds that otherwise takes manual work from each viewer to falsify. If you need someone to do it for, please do it for me. Thank you 🙏

@SuperSandro2000
Copy link
Member

SuperSandro2000 commented Jun 12, 2021
edited
Loading

I respectfully disagree. It communicates something in 2 seconds that otherwise takes manual work from each viewer to falsify.

Yeah, you are completely right but I normally have so many notifications that I am overwhelmed by them.

If you need someone to do it for, please do it for me. Thank you 🙏

The PR is now LGTM.

Edit: Oh, you are the upstream developer. Nice to see you here.

@SuperSandro2000 SuperSandro2000 merged commit 9e74629 into NixOS:staging Jun 12, 2021
@OPNA2608 OPNA2608 mentioned this pull request Jul 2, 2021
Merged
11 tasks
@hartwork hartwork mentioned this pull request Feb 19, 2022
Merged
13 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@SuperSandro2000 SuperSandro2000 SuperSandro2000 approved these changes

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 8.has: upstream changes reviewed Reviewer checked the changelogs/commit logs associated with the release and did not find any issues. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-darwin-stdenv This PR causes stdenv to rebuild on Darwin and must target a staging branch. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. 10.rebuild-linux-stdenv This PR causes stdenv to rebuild on Linux and must target a staging branch.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@hartwork @SuperSandro2000 @Mindavi @risicle