Skip to content

libtiff: apply patch CVE-2024-13978 and CVE-2025-9165#436742

Merged
vcunat merged 1 commit intoNixOS:stagingfrom
LeSuisse:libtiff-CVE-2024-13978-CVE-2025-9165
Aug 27, 2025
Merged

libtiff: apply patch CVE-2024-13978 and CVE-2025-9165#436742
vcunat merged 1 commit intoNixOS:stagingfrom
LeSuisse:libtiff-CVE-2024-13978-CVE-2025-9165

Conversation

@LeSuisse
Copy link
Member

@LeSuisse LeSuisse commented Aug 25, 2025

Things done

  • Built on platform:
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • Tested, as applicable:
  • Ran nixpkgs-review on this PR. See nixpkgs-review usage.
  • Tested basic functionality of all binary files, usually in ./result/bin/.
  • Nixpkgs Release Notes
    • Package update: when the change is major or breaking.
  • NixOS Release Notes
    • Module addition: when adding a new NixOS module.
    • Module update: when the change is significant.
  • Fits CONTRIBUTING.md, pkgs/README.md, maintainers/README.md and other READMEs.

Add a 👍 reaction to pull requests you find important.

@LeSuisse LeSuisse added 1.severity: security Issues which raise a security issue, or PRs that fix one backport staging-25.05 labels Aug 25, 2025
@nixpkgs-ci nixpkgs-ci bot added 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. labels Aug 25, 2025
imincik
imincik approved these changes Aug 25, 2025
View reviewed changes
Copy link
Contributor

@imincik imincik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great thanks, looks good.

@nixpkgs-ci nixpkgs-ci bot added 12.approvals: 1 This PR was reviewed and approved by one person. 12.approved-by: package-maintainer This PR was reviewed and approved by a maintainer listed in any of the changed packages. labels Aug 25, 2025
@vcunat vcunat merged commit 372f811 into NixOS:staging Aug 27, 2025
38 of 40 checks passed
@nixpkgs-ci
Copy link
Contributor

nixpkgs-ci bot commented Aug 27, 2025

Successfully created backport PR for staging-25.05:

@nixpkgs-ci nixpkgs-ci bot mentioned this pull request Aug 27, 2025
Merged
1 task
@github-actions github-actions bot added the 8.has: port to stable This PR already has a backport to the stable release. label Aug 27, 2025
@LeSuisse LeSuisse deleted the libtiff-CVE-2024-13978-CVE-2025-9165 branch August 27, 2025 08:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@imincik imincik imincik approved these changes

@l0b0 l0b0 Awaiting requested review from l0b0

@sikmir sikmir Awaiting requested review from sikmir

@nialov nialov Awaiting requested review from nialov

@nh2 nh2 Awaiting requested review from nh2

@autra autra Awaiting requested review from autra

@willcohen willcohen Awaiting requested review from willcohen

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 8.has: port to stable This PR already has a backport to the stable release. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. 12.approvals: 1 This PR was reviewed and approved by one person. 12.approved-by: package-maintainer This PR was reviewed and approved by a maintainer listed in any of the changed packages.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@LeSuisse @imincik @vcunat