Skip to content

go_1_24: 1.24.3 -> 1.24.4#417456

Closed
kivra-joarod wants to merge 1 commit intoNixOS:masterfrom
kivra-joarod:go-1.24.4-update
Closed

go_1_24: 1.24.3 -> 1.24.4#417456
kivra-joarod wants to merge 1 commit intoNixOS:masterfrom
kivra-joarod:go-1.24.4-update

Conversation

@kivra-joarod
Copy link

@kivra-joarod kivra-joarod commented Jun 17, 2025

Changelog: https://go.dev/doc/devel/release#go1.24.4

Go 1.24.4 includes several security fixes:

  • CVE-2025-4673: net/http: sensitive headers not cleared on cross-origin redirect
  • CVE-2025-0913: os: OpenFile with O_CREATE|O_EXCL behaved differently on Unix and Windows for dangling symlinks
  • CVE-2025-22874: crypto/x509: usage of ExtKeyUsageAny disables policy validation

Things done

I have built in local machine with nix build .#go_1_24

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • Nixpkgs 25.11 Release Notes (or backporting 24.11 and 25.05 Nixpkgs Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
  • NixOS 25.11 Release Notes (or backporting 24.11 and 25.05 NixOS Release notes)
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md, pkgs/README.md, maintainers/README.md and other contributing documentation in corresponding paths.

Add a 👍 reaction to pull requests you find important.

@nix-owners nix-owners bot requested review from Mic92, kalbasit, katexochen and zowoq June 17, 2025 07:26
@NixOSInfra NixOSInfra added the 12.first-time contribution This PR is the author's first one; please be gentle! label Jun 17, 2025
@katexochen
Copy link
Contributor

katexochen commented Jun 17, 2025

done in #414366

@katexochen katexochen closed this Jun 17, 2025
@nix-owners nix-owners bot requested review from mfrw and qbit June 17, 2025 07:31
@github-actions github-actions bot added the 6.topic: golang Go is a high-level general purpose programming language that is statically typed and compiled. label Jun 17, 2025
@kivra-joarod
Copy link
Author

kivra-joarod commented Jun 17, 2025

done in #414366

Sorry my bad. I couldn't see the the change in master.
I will close it.

@kivra-joarod kivra-joarod deleted the go-1.24.4-update branch June 17, 2025 07:37
@katexochen
Copy link
Contributor

katexochen commented Jun 17, 2025

It's not in master yet, you can track via https://nixpk.gs/pr-tracker.html?pr=414366

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kalbasit kalbasit Awaiting requested review from kalbasit

@Mic92 Mic92 Awaiting requested review from Mic92

@katexochen katexochen Awaiting requested review from katexochen

@zowoq zowoq Awaiting requested review from zowoq

@qbit qbit Awaiting requested review from qbit

@mfrw mfrw Awaiting requested review from mfrw

Assignees

No one assigned

Labels

6.topic: golang Go is a high-level general purpose programming language that is statically typed and compiled. 12.first-time contribution This PR is the author's first one; please be gentle!

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@kivra-joarod @katexochen @NixOSInfra