Skip to content

ghostscript: 10.02.0 -> 10.02.1#268830

Merged
vcunat merged 1 commit intoNixOS:stagingfrom
elohmeier:ghostscript-update
Nov 24, 2023
Merged

ghostscript: 10.02.0 -> 10.02.1#268830
vcunat merged 1 commit intoNixOS:stagingfrom
elohmeier:ghostscript-update

Conversation

@elohmeier
Copy link
Contributor

@elohmeier elohmeier commented Nov 20, 2023
edited
Loading

Description of changes

Fixes https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46751.
CVE-2023-46751 is a shell command injection/remote code execution risk. (see https://www.ghostscript.com/index.html)

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 23.11 Release Notes (or backporting 23.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

@elohmeier elohmeier added 1.severity: security Issues which raise a security issue, or PRs that fix one 9.needs: port to stable A PR needs a backport to the stable release. labels Nov 20, 2023
@ofborg ofborg bot requested a review from viric November 21, 2023 01:20
@ofborg ofborg bot added 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 2501-5000 This PR causes many rebuilds on Darwin and should target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. labels Nov 21, 2023
@elohmeier elohmeier changed the base branch from master to staging November 21, 2023 05:24
@github-actions github-actions bot added 6.topic: python Python is a high-level, general-purpose programming language. 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: documentation This PR adds or changes documentation 8.has: changelog This PR adds or changes release notes 8.has: module (update) This PR changes an existing module in `nixos/` labels Nov 21, 2023
@github-actions github-actions bot removed 6.topic: python Python is a high-level, general-purpose programming language. 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: documentation This PR adds or changes documentation 8.has: changelog This PR adds or changes release notes 8.has: module (update) This PR changes an existing module in `nixos/` labels Nov 21, 2023
@elohmeier
Copy link
Contributor Author

elohmeier commented Nov 21, 2023

Switched target to staging branch.

@risicle
Copy link
Contributor

risicle commented Nov 23, 2023

Cherry-picked to staging-next for testing, built passthru.tests with no new failures, macos 10.15, nixos x86_64. Built ghostscript, aarch64-linux.

@delroth delroth added the 12.approvals: 1 This PR was reviewed and approved by one person. label Nov 24, 2023
@vcunat vcunat added backport release-23.05 and removed 9.needs: port to stable A PR needs a backport to the stable release. labels Nov 24, 2023
@vcunat vcunat merged commit 4770ebe into NixOS:staging Nov 24, 2023
@github-actions github-actions bot mentioned this pull request Nov 24, 2023
Closed
1 task
@github-actions
Copy link
Contributor

github-actions bot commented Nov 24, 2023

Successfully created backport PR for release-23.05:

@github-actions github-actions bot mentioned this pull request Nov 24, 2023
Closed
1 task
@github-actions
Copy link
Contributor

github-actions bot commented Nov 24, 2023

Successfully created backport PR for release-23.11:

@github-actions github-actions bot mentioned this pull request Nov 24, 2023
Merged
1 task
@github-actions
Copy link
Contributor

github-actions bot commented Nov 24, 2023

Successfully created backport PR for staging-23.05:

@github-actions
Copy link
Contributor

github-actions bot commented Nov 24, 2023

Git push to origin failed for staging-23.05 with exitcode 1

@github-actions github-actions bot mentioned this pull request Nov 24, 2023
Merged
1 task
@github-actions
Copy link
Contributor

github-actions bot commented Nov 24, 2023

Git push to origin failed for staging-23.11 with exitcode 1

@github-actions
Copy link
Contributor

github-actions bot commented Nov 24, 2023

Successfully created backport PR for staging-23.11:

@vcunat
Copy link
Member

vcunat commented Nov 24, 2023

Old PDF Interpreter has now been removed

Not great for backports, but I can hope that noone's using it.

@elohmeier elohmeier deleted the ghostscript-update branch November 24, 2023 18:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@risicle risicle risicle approved these changes

@viric viric Awaiting requested review from viric

@thoughtpolice thoughtpolice Awaiting requested review from thoughtpolice

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 2501-5000 This PR causes many rebuilds on Darwin and should target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. 12.approvals: 1 This PR was reviewed and approved by one person.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@elohmeier @risicle @vcunat @delroth