Skip to content

pixman: 0.38.4 -> 0.42.2#199675

Merged
vcunat merged 1 commit intoNixOS:stagingfrom
mweinelt:pixman
Nov 5, 2022
Merged

pixman: 0.38.4 -> 0.42.2#199675
vcunat merged 1 commit intoNixOS:stagingfrom
mweinelt:pixman

Conversation

@mweinelt
Copy link
Member

@mweinelt mweinelt commented Nov 5, 2022
edited by vcunat
Loading

http://www.openwall.com/lists/oss-security/2022/11/05/1

Fixes: CVE-2022-44638
Backport: #199676

Description of changes
Things done
  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 22.11 Release Notes (or backporting 22.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
    • (Release notes changes) Ran nixos/doc/manual/md-to-db.sh to update generated release notes
  • Fits CONTRIBUTING.md.

@mweinelt mweinelt added the 1.severity: security Issues which raise a security issue, or PRs that fix one label Nov 5, 2022
@ofborg ofborg bot added 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. labels Nov 5, 2022
@vcunat

This comment was marked as resolved.

Sign in to view
@mweinelt
Copy link
Member Author

mweinelt commented Nov 5, 2022

openwall says

The request has failed: No such message

https://www.openwall.com/lists/oss-security/2022/11/05/1

vcunat
vcunat reviewed Nov 5, 2022
View reviewed changes
@vcunat vcunat merged commit 910ce3a into NixOS:staging Nov 5, 2022
@vcunat
Copy link
Member

vcunat commented Nov 5, 2022

My understanding is that this is a backwards compatible update, despite the larger change in version number.

@mweinelt mweinelt deleted the pixman branch November 5, 2022 19:02
@vcunat
Copy link
Member

vcunat commented Nov 8, 2022

Unfortunately it broke on aarch64-darwin, apparently with some assembler incompatibility: https://hydra.nixos.org/build/197830077

@vcunat
Copy link
Member

vcunat commented Nov 8, 2022

I expect the aarch64 assembly needs GNU instead of LLVM: https://gitlab.freedesktop.org/pixman/pixman/-/issues/46#note_1436787

@vcunat
Copy link
Member

vcunat commented Nov 8, 2022

Let's try #200156

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vcunat vcunat vcunat left review comments

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 5001+ This PR causes many rebuilds on Darwin and must target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mweinelt @vcunat

Comments