Skip to content

quictls: 3.0.5+quick_unstable-2022-07.05 -> 3.0.7+quic1#199184

Merged
vcunat merged 1 commit intoNixOS:staging-nextfrom
LeSuisse:quictls-3.0.7
Nov 2, 2022
Merged

quictls: 3.0.5+quick_unstable-2022-07.05 -> 3.0.7+quic1#199184
vcunat merged 1 commit intoNixOS:staging-nextfrom
LeSuisse:quictls-3.0.7

Conversation

@LeSuisse
Copy link
Member

@LeSuisse LeSuisse commented Nov 2, 2022

Description of changes

Fixes CVE-2022-3786 and CVE-2022-3602.
See eeca596 and 70ca403.

Things done
  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 22.11 Release Notes (or backporting 22.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
    • (Release notes changes) Ran nixos/doc/manual/md-to-db.sh to update generated release notes
  • Fits CONTRIBUTING.md.

@LeSuisse LeSuisse added the 1.severity: security Issues which raise a security issue, or PRs that fix one label Nov 2, 2022
@LeSuisse
Copy link
Member Author

LeSuisse commented Nov 2, 2022

For backporting 1ed8ae3, 94ffbb4 and 4f99d8e are also needed.

@ofborg ofborg bot requested a review from Izorkin November 2, 2022 16:29
@ofborg ofborg bot added 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. labels Nov 2, 2022
@vcunat vcunat merged commit ceefe5e into NixOS:staging-next Nov 2, 2022
@LeSuisse LeSuisse deleted the quictls-3.0.7 branch November 2, 2022 16:35
@Izorkin
Copy link
Contributor

Izorkin commented Nov 2, 2022

@LeSuisse you have duplicated the enable-ktls option - https://github.com/NixOS/nixpkgs/pull/199184/files#diff-a4de3a6e415b4912c750b0474123253f9b667bb9ebc61d801b33cd16865eacfcL105

@LeSuisse
Copy link
Member Author

LeSuisse commented Nov 2, 2022

Oups,, good catch

@vcunat
Copy link
Member

vcunat commented Nov 2, 2022

Right, I'm sorry. Fortunately it doesn't seem to break anything?

@LeSuisse
Copy link
Member Author

LeSuisse commented Nov 2, 2022

I'm guessing it's broken on darwin? I do not have a env to test it.

I opened #199190 to fix it, it might be better to have the same behavior between the openssl package and this one anyway I guess.

@vcunat
Copy link
Member

vcunat commented Nov 2, 2022

Ah yes, probably, but on this branch there are almost no darwin binaries yet, so it's not a practical issue so far.

@Izorkin
Copy link
Contributor

Izorkin commented Nov 2, 2022

it might be better to have the same behavior between the openssl package and this one anyway I guess.

I could not implement changes for the quictls package in openssl. So i maked a separate package.

@LeSuisse LeSuisse mentioned this pull request Nov 2, 2022
Merged
13 tasks
@LeSuisse
Copy link
Member Author

LeSuisse commented Nov 2, 2022

Yep sure, my comment was specifically about the enable-ktls flag since it was not defined in the OpenSSL package before 😉

I opened the backport PR: see #199192

@raboof raboof mentioned this pull request Nov 3, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Izorkin Izorkin Awaiting requested review from Izorkin

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@LeSuisse @Izorkin @vcunat