Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

libvirt_5_9_0: mark as insecure #111322

Merged
merged 1 commit into from
Feb 7, 2021

Conversation

dotlambda
Copy link
Member

Motivation for this change

closes #90862

Actually, we might prefer to remove libvirt_5_9_0 and python2Packages.libvirt entirely.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@dotlambda dotlambda added 1.severity: security Issues which raise a security issue, or PRs that fix one 9.needs: port to stable A PR needs a backport to the stable release. labels Jan 30, 2021
@ofborg ofborg bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux labels Jan 30, 2021
@dotlambda
Copy link
Member Author

This affects nixops because it is still using Python 2.
cc @NixOS/nixops-committers

@SuperSandro2000
Copy link
Member

This affects nixops because it is still using Python 2.

It should already be unbuiltable in nixpkgs because cryptography is marked as insecure.

@dotlambda
Copy link
Member Author

It should already be unbuiltable in nixpkgs because cryptography is marked as insecure.

python2.pkgs.cryptography builds just fine since cbe4b09

@dotlambda dotlambda merged commit 4a11da4 into NixOS:master Feb 7, 2021
@dotlambda dotlambda deleted the libvirt_5_9_0-insecure branch February 7, 2021 09:38
dotlambda added a commit that referenced this pull request Feb 7, 2021
@dotlambda dotlambda added 8.has: port to stable A PR already has a backport to the stable release. and removed 9.needs: port to stable A PR needs a backport to the stable release. labels Feb 7, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
1.severity: security Issues which raise a security issue, or PRs that fix one 8.has: port to stable A PR already has a backport to the stable release. 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Vulnerability roundup 85: libvirt-5.9.0: 5 advisories [8.1]
2 participants