-
-
Notifications
You must be signed in to change notification settings - Fork 12.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gdk-pixbuf: enable other loaders, disable ani loader #308976
Conversation
2.42.11 disables several loaders by default. The meson option "others" reenables these for packages that still depend on them.
The "others" option includes ani which is currently affected by CVE-2022-48622. Disable this by removing it from the build while allowing the other loaders to build.
Aagh, I forgot about this. There is some more discussion in https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/merge_requests/169. They might end up splitting the other loaders to a separate package: https://gitlab.gnome.org/ebassi/gdk-pixbuf-extra Generally, we aim to follow upstream and it is true that the others loaders have been unmaintained for years and there is quite a chance of more unnoticed security issues. But the timing is pretty bad so we might need to merge this for 24.05 unless we manage to resolve the build issues individually. |
I also noticed that |
|
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: |
Description of changes
Starting with 2.42.11, several loaders are disabled by default:
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/merge_requests/163
This breaks at least the following on master:
This enables the "others" option to restore previous behavior while still removing the ani loader due to CVE-2022-48622.
Fixes: #313199
Things done
nix.conf
? (See Nix manual)sandbox = relaxed
sandbox = true
nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"
. Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/
)Add a 👍 reaction to pull requests you find important.