
[23.05] iperf: apply patch for CVE-2023-38403 #244368

Closed
LeSuisse wants to merge 1 commit into NixOS:release-23.05 from LeSuisse:iperf-23.05-CVE-2023-38403

@LeSuisse
Member

@LeSuisse LeSuisse commented Jul 19, 2023

Description of changes

The 3.13 and 3.14 releases include a set of user-visible changes. I was not sure if those were all appropriate for a backport. Feel free to close this and to cherry-pick the upgrades instead.

Things done
  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 23.11 Release Notes (or backporting 23.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Result of nixpkgs-review pr 244368 run on x86_64-linux

12 packages built:
  • bcc
  • bcc.man
  • bpftrace
  • bpftrace.man
  • iperf
  • iperf.man
  • linuxKernel.packages.hardkernel_4_14.oci-seccomp-bpf-hook
  • linuxKernel.packages.hardkernel_4_14.oci-seccomp-bpf-hook.man
  • linuxKernel.packages.linux_5_4.system76-scheduler (linuxKernel.packages.linux_4_14.system76-scheduler ,linuxKernel.packages.linux_5_4_hardened.system76-scheduler ,linuxKernel.packages.linux_6_1.system76-scheduler ,linuxKernel.packages.linux_6_1_hardened.system76-scheduler ,linuxKernel.packages.linux_6_3.system76-scheduler ,linuxKernel.packages.linux_6_3_hardened.system76-scheduler ,linuxKernel.packages.linux_6_4.system76-scheduler ,linuxKernel.packages.linux_6_4_hardened.system76-scheduler ,linuxKernel.packages.linux_hardened.system76-scheduler ,linuxKernel.packages.linux_latest_libre.system76-scheduler ,linuxKernel.packages.linux_libre.system76-scheduler ,linuxKernel.packages.linux_lqx.system76-scheduler ,linuxKernel.packages.linux_testing_bcachefs.system76-scheduler ,linuxKernel.packages.linux_xanmod.system76-scheduler ,linuxKernel.packages.linux_xanmod_latest.system76-scheduler ,linuxKernel.packages.linux_xanmod_stable.system76-scheduler ,linuxKernel.packages.linux_zen.system76-scheduler)
  • picosnitch
  • picosnitch.dist
  • sockdump

@LeSuisse LeSuisse added the "1.severity: security" label (Issues which raise a security issue, or PRs that fix one) Jul 19, 2023
@yu-re-ka
Contributor

I'm in favor of porting the updates. The user-visible changes all look like bugfixes.

@LeSuisse
Member Author

> I'm in favor of porting the updates. The user-visible changes all look like bugfixes.

Fine by me. My only real fear is this improvement:

> fq-rate (PR #1461, Issue #1366), and bidirectional flag (Issue #1428, PR #1429) were added to the JSON output.

but I'm guessing it is reasonable enough.

https://github.com/esnet/iperf/blob/3.14/RELNOTES.md

Waiting on #244367 and I will deal with the cherry picks.

@ofborg ofborg bot requested a review from fpletz July 20, 2023 05:29
@ofborg ofborg bot added the labels "10.rebuild-darwin: 1-10" (This PR causes between 1 and 10 packages to rebuild on Darwin.) and "10.rebuild-linux: 101-500" (This PR causes between 101 and 500 packages to rebuild on Linux.) Jul 20, 2023
@vcunat
Member

vcunat commented Jul 20, 2023

PR #244372 was merged.

@vcunat vcunat closed this Jul 20, 2023
@LeSuisse LeSuisse deleted the iperf-23.05-CVE-2023-38403 branch July 20, 2023 07:01
@yu-re-ka
Contributor

#244430 dealt with the security-relevant version bump, but I also merged that now

@vcunat
Member

vcunat commented Jul 20, 2023

Oh, thanks for clarifying. I confused this.
