Skip to content

go_1_24: 1.24.3 -> 1.24.4#414366

Merged
katexochen merged 1 commit intoNixOS:stagingfrom
qowoz:go124
Jun 6, 2025
Merged

go_1_24: 1.24.3 -> 1.24.4#414366
katexochen merged 1 commit intoNixOS:stagingfrom
qowoz:go124

Conversation

@zowoq
Copy link
Contributor

@zowoq zowoq commented Jun 5, 2025
edited by katexochen
Loading

Changelog: https://go.dev/doc/devel/release#go1.24

Fixes CVE-2025-4673
Fixes CVE-2025-0913
Fixes CVE-2025-22874

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • Nixpkgs 25.11 Release Notes (or backporting 24.11 and 25.05 Nixpkgs Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
  • NixOS 25.11 Release Notes (or backporting 24.11 and 25.05 NixOS Release notes)
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

@zowoq zowoq added the 1.severity: security Issues which raise a security issue, or PRs that fix one label Jun 5, 2025
@github-actions github-actions bot added the 6.topic: golang Go is a high-level general purpose programming language that is statically typed and compiled. label Jun 5, 2025
@nix-owners nix-owners bot requested review from Mic92, kalbasit and katexochen June 5, 2025 22:57
@github-actions github-actions bot added 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 2501-5000 This PR causes many rebuilds on Darwin and should target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. 11.by: package-maintainer This PR was created by a maintainer of all the package it changes. labels Jun 5, 2025
@nix-owners nix-owners bot requested review from mfrw and qbit June 5, 2025 23:04
@katexochen katexochen merged commit a28b400 into NixOS:staging Jun 6, 2025
18 of 21 checks passed
@nixpkgs-ci nixpkgs-ci bot mentioned this pull request Jun 6, 2025
Merged
1 task
@nixpkgs-ci
Copy link
Contributor

nixpkgs-ci bot commented Jun 6, 2025

Successfully created backport PR for staging-25.05:

@github-actions github-actions bot added the 8.has: port to stable This PR already has a backport to the stable release. label Jun 6, 2025
@zowoq zowoq deleted the go124 branch June 6, 2025 07:24
@YvanDaSilva
Copy link
Contributor

YvanDaSilva commented Jun 17, 2025

@katexochen @squat this PR was merged into staging, it includes several security vulnerability fixes.
AFAICT, staging was not merged into master. This has been 2 weeks already, is this expected?

go1.24.4 (released 2025-06-05) includes security fixes to the crypto/x509, net/http, and os packages, as well as bug fixes to the linker, the go command, and the hash/maphash and os packages. See the [Go 1.24.4 milestone](https://github.com/golang/go/issues?q=milestone%3AGo1.24.4+label%3ACherryPickApproved) on our issue tracker for details.

Not sure if this still applies, but shouldn't it have been merged to master?
NixOS/rfcs#26

@zowoq
Copy link
Contributor Author

zowoq commented Jun 17, 2025

https://nixpk.gs/pr-tracker.html?pr=414366

@katexochen katexochen mentioned this pull request Jun 17, 2025
Closed
13 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@katexochen katexochen katexochen approved these changes

@kalbasit kalbasit Awaiting requested review from kalbasit

@Mic92 Mic92 Awaiting requested review from Mic92

@qbit qbit Awaiting requested review from qbit

@mfrw mfrw Awaiting requested review from mfrw

+1 more reviewer

@squat squat squat approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 6.topic: golang Go is a high-level general purpose programming language that is statically typed and compiled. 8.has: port to stable This PR already has a backport to the stable release. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 2501-5000 This PR causes many rebuilds on Darwin and should target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. 11.by: package-maintainer This PR was created by a maintainer of all the package it changes.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@zowoq @YvanDaSilva @squat @katexochen