thunderbird, thunderbird-bin: 68.1.1 -> 68.2.2 [Critical security fixes] by taku0 · Pull Request #72006 · NixOS/nixpkgs

taku0 · 2019-10-26T06:56:45Z

Motivation for this change

Critical security fixes
Other updates

https://www.thunderbird.net/en-US/thunderbird/68.2.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/

Things done

Notify maintainers

cc @Fuuzetsu, @nbp, @edolstra

taku0 · 2019-11-01T07:54:36Z

Updated to 68.2.1.
cc @Fuuzetsu, @nbp, @edolstra

taku0 · 2019-11-08T10:09:06Z

Updated to 68.2.2.
cc @Fuuzetsu, @nbp, @edolstra, @vcunat
Please review this. Critical security fixes have been not merged for 2 weeks.

andir · 2019-11-08T11:01:36Z

The compilation fails on master. Probably due to some rustc version changes. On my 19.09 backport branch it works fine.

@taku0 Any idea if they already have a patch for newer rustc?

taku0 · 2019-11-08T11:10:37Z

@taku0 Any idea if they already have a patch for newer rustc?

I have no idea. FYI, firefox also suffers from the issue.
#73023

andir · 2019-11-08T11:11:14Z

https://bugzilla.mozilla.org/show_bug.cgi?id=1585223 seems to be relevant

andir · 2019-11-08T11:13:45Z

As it looks this time around Mozilla tries to dicatate older versions of rustc..
Here is another bugzilla entry on the same topic https://bugzilla.mozilla.org/show_bug.cgi?id=1585099

andir · 2019-11-08T11:15:38Z

@taku0 seems like you want to pick https://hg.mozilla.org/releases/mozilla-esr68/rev/f0020f517832 as patch on top of this

taku0 · 2019-11-08T11:20:36Z

@andir
The patch is already applied to 68.2.2, and I removed it from thunderbird/default.nix.

taku0 · 2019-11-08T11:24:18Z

Possible options:

Wait for an upstream patch.
Change rustc and related packages to have multiple rustc packages in nixpkgs.
Write a patch ourselves.

taku0 · 2019-11-08T11:27:43Z

Or just reverting rustc?

taku0 · 2019-11-08T11:30:04Z

I'll try to have multiple rustc packages in nixpkgs.

taku0 · 2019-11-08T11:38:24Z

I have confirmed that the error is same as firefox (#73023):

error[E0204]: the trait `Copy` may not be implemented for this type
  --> /build/objdir/x86_64-unknown-linux-gnu/release/build/style-f0201ccbb62104fd/out/gecko/structs.rs:23:297444

taku0 · 2019-11-08T12:18:30Z

Made PR #73039 for rustc. When #73039 is merged, I will rebase on it.

taku0 · 2019-11-08T12:57:37Z

Built and ran thunderbird successfully with #73039.

...into release-19.09. Picked from PR #72006.

vcunat · 2019-11-08T13:16:40Z

For 19.09 this seemed clear and worked for me well, so I pushed there already.

taku0 · 2019-11-08T13:55:53Z

#73039 is merged. Rebased on the master. Now it's ready to merge.

ofborg bot requested review from Fuuzetsu, edolstra and nbp October 26, 2019 07:11

ofborg bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. labels Oct 26, 2019

veprbl added the 1.severity: security Issues which raise a security issue, or PRs that fix one label Oct 26, 2019

taku0 force-pushed the thunderbird-bin-68.2.0 branch from 2386a2e to f6ce681 Compare November 1, 2019 07:53

taku0 changed the title ~~thunderbird, thunderbird-bin: 68.1.1 -> 68.2.0 [Critical security fixes]~~ thunderbird, thunderbird-bin: 68.1.1 -> 68.2.1 [Critical security fixes] Nov 1, 2019

taku0 force-pushed the thunderbird-bin-68.2.0 branch from f6ce681 to 1a7dce8 Compare November 8, 2019 10:05

taku0 changed the title ~~thunderbird, thunderbird-bin: 68.1.1 -> 68.2.1 [Critical security fixes]~~ thunderbird, thunderbird-bin: 68.1.1 -> 68.2.2 [Critical security fixes] Nov 8, 2019

andir self-assigned this Nov 8, 2019

taku0 mentioned this pull request Nov 8, 2019

rust: keep multiple version #73039

Merged

10 tasks

vcunat added a commit that referenced this pull request Nov 8, 2019

Merge: thunderbird*: 68.1.1 -> 68.2.2 (security)

87376e8

...into release-19.09. Picked from PR #72006.

taku0 added 2 commits November 8, 2019 22:54

thunderbird: 68.1.1 -> 68.2.0

1a211c1

thunderbird-bin: 68.1.1 -> 68.2.0

6e7e55e

taku0 added 4 commits November 8, 2019 22:54

thunderbird-bin: 68.2.0 -> 68.2.1

be29def

thunderbird: 68.2.0 -> 68.2.1

724f0f8

thunderbird-bin: 68.2.1 -> 68.2.2

c667f09

thunderbird: 68.2.1 -> 68.2.2

8c487d6

taku0 force-pushed the thunderbird-bin-68.2.0 branch from 1a7dce8 to 8c487d6 Compare November 8, 2019 13:55

andir merged commit b62f324 into NixOS:master Nov 8, 2019

Uh oh!

Conversation

taku0 commented Oct 26, 2019

Motivation for this change

Things done

Notify maintainers

Uh oh!

taku0 commented Nov 1, 2019

Uh oh!

taku0 commented Nov 8, 2019

Uh oh!

andir commented Nov 8, 2019

Uh oh!

taku0 commented Nov 8, 2019

Uh oh!

andir commented Nov 8, 2019

Uh oh!

andir commented Nov 8, 2019

Uh oh!

andir commented Nov 8, 2019

Uh oh!

taku0 commented Nov 8, 2019 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

taku0 commented Nov 8, 2019

Uh oh!

taku0 commented Nov 8, 2019

Uh oh!

taku0 commented Nov 8, 2019

Uh oh!

taku0 commented Nov 8, 2019

Uh oh!

taku0 commented Nov 8, 2019

Uh oh!

taku0 commented Nov 8, 2019

Uh oh!

vcunat commented Nov 8, 2019

Uh oh!

taku0 commented Nov 8, 2019

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

taku0 commented Nov 8, 2019 •

edited

Loading