Skip to content

libde265: 1.0.12 -> 1.0.14#268884

Merged
risicle merged 2 commits intoNixOS:stagingfrom
r-ryantm:auto-update/libde265
Dec 2, 2023
Merged

libde265: 1.0.12 -> 1.0.14#268884
risicle merged 2 commits intoNixOS:stagingfrom
r-ryantm:auto-update/libde265

Conversation

@r-ryantm
Copy link
Contributor

@r-ryantm r-ryantm commented Nov 21, 2023
edited by LeSuisse
Loading

Fixes CVE-2023-43887 (and other security related issues).

https://github.com/strukturag/libde265/releases/tag/v1.0.13
https://github.com/strukturag/libde265/releases/tag/v1.0.14

meta.description for libde265 is: Open h.265 video codec implementation

meta.homepage for libde265 is: https://github.com/strukturag/libde265

Updates performed
  • Version update
To inspect upstream changes
Impact
Checks done (click to expand)
  • built on NixOS
  • The tests defined in passthru.tests, if any, passed
  • found 1.0.13 with grep in /nix/store/4ni0d1lkw5hnp0v6s2yrwh3izad6a7rw-libde265-1.0.13
  • found 1.0.13 in filename of file in /nix/store/4ni0d1lkw5hnp0v6s2yrwh3izad6a7rw-libde265-1.0.13
Rebuild report (if merged into master) (click to expand) 
1595 total rebuild path(s)

1595 package rebuild(s)

First fifty rebuilds by attrpath
ChowKick
Sylk
abiword
abracadabra
activitywatch
adapta-gtk-theme
adriconf
advi
ajour
alfaview
alfis
almanah
alsa-scarlett-gui
altair
amberol
anilibria-winmaclinux
anki
anytype
apache-directory-studio
apacheHttpdPackages.mod_tile
apacheHttpdPackages_2_4.mod_tile
apkleaks
apostrophe
appimage-run
appimage-run-tests
aravis
arc-theme
archi
arx-libertatis
asc-key-to-qr-code-gif
asciidoc-full
asciidoc-full-with-plugins
ashpd-demo
astroid
asymptote
audio-recorder
authenticator
authy
auto-multiple-choice
autokey
autotrace
avrdude
avrdudess
aw-qt
awesome
aws-workspaces
ayu-theme-gtk
bada-bib
badwolf
ballerburg
Instructions to test this update (click to expand)

Either download from Cachix:

nix-store -r /nix/store/4ni0d1lkw5hnp0v6s2yrwh3izad6a7rw-libde265-1.0.13 \
  --option binary-caches 'https://cache.nixos.org/ https://nix-community.cachix.org/' \
  --option trusted-public-keys '
  nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
  cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
  '

(The Cachix cache is only trusted for this store-path realization.)
For the Cachix download to work, your user must be in the trusted-users list or you can use sudo since root is effectively trusted.

Or, build yourself:

nix-build -A libde265 https://github.com/r-ryantm/nixpkgs/archive/b266c3ef7f85bae37bc9d6493f051dce24e6f984.tar.gz

Or:

nix build github:r-ryantm/nixpkgs/b266c3ef7f85bae37bc9d6493f051dce24e6f984#libde265

After you've downloaded or built it, look at the files and if there are any, run the binaries:

ls -la /nix/store/4ni0d1lkw5hnp0v6s2yrwh3izad6a7rw-libde265-1.0.13
ls -la /nix/store/4ni0d1lkw5hnp0v6s2yrwh3izad6a7rw-libde265-1.0.13/bin

Pre-merge build results

NixPkgs review skipped

Maintainer pings

cc @gebner for testing.

@ofborg ofborg bot requested a review from gebner November 21, 2023 07:15
@ofborg ofborg bot added 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 1001-2500 This PR causes many rebuilds on Darwin and should most likely target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 1001-2500 This PR causes many rebuilds on Linux and should target the staging branches. labels Nov 21, 2023
@NickCao
Copy link
Member

NickCao commented Nov 21, 2023

1.0.14 is out: https://github.com/strukturag/libde265/releases/tag/v1.0.14, also we might want to change to the cmake build system.

@drupol drupol added the 2.status: merge conflict This PR has merge conflicts with the target branch label Dec 1, 2023
@LeSuisse LeSuisse force-pushed the auto-update/libde265 branch from b266c3e to 493f4fb Compare December 1, 2023 20:46
@LeSuisse LeSuisse changed the title libde265: 1.0.12 -> 1.0.13 libde265: 1.0.12 -> 1.0.14 Dec 1, 2023
@LeSuisse
Copy link
Member

LeSuisse commented Dec 1, 2023

Rebased on top of staging and bumped to 1.0.14.

@LeSuisse LeSuisse added 1.severity: security Issues which raise a security issue, or PRs that fix one backport staging-23.05 and removed 2.status: merge conflict This PR has merge conflicts with the target branch labels Dec 1, 2023
@risicle
Copy link
Contributor

risicle commented Dec 2, 2023

Not sure we should backport a build-system change to 23.05 (or perhaps even 23.11)

@risicle
Copy link
Contributor

risicle commented Dec 2, 2023

Cherry-picked to staging-next for testing, built, passthru.tests on macos 12 x86_64, nixos x86_64.,pkgsi686Linux. pkgsStatic, pkgsMusl, pkgsCross.aarch64-multiplatform variants build.

@LeSuisse LeSuisse force-pushed the auto-update/libde265 branch from 493f4fb to c877048 Compare December 2, 2023 00:44
@LeSuisse LeSuisse added 9.needs: port to stable A PR needs a backport to the stable release. and removed backport staging-23.05 labels Dec 2, 2023
@LeSuisse
Copy link
Member

LeSuisse commented Dec 2, 2023

Not sure we should backport a build-system change to 23.05 (or perhaps even 23.11)

I moved the change related to the build-system in a separate, I will manage the cherry-picking to the stable releases manually.

@risicle risicle merged commit ac9705a into NixOS:staging Dec 2, 2023
@r-ryantm r-ryantm deleted the auto-update/libde265 branch December 2, 2023 02:06
This was referenced Dec 2, 2023
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@risicle risicle risicle approved these changes

@gebner gebner Awaiting requested review from gebner

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 9.needs: port to stable A PR needs a backport to the stable release. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 1001-2500 This PR causes many rebuilds on Darwin and should most likely target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 1001-2500 This PR causes many rebuilds on Linux and should target the staging branches.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@r-ryantm @NickCao @LeSuisse @risicle @drupol