Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[19.09] opensmtpd: mark as insecure due to CVE-2020-8794 / #80978 #82765

Merged
merged 2 commits into from Mar 17, 2020

Conversation

@obadz
Copy link
Contributor

obadz commented Mar 17, 2020

Security critical fix #80978 was never backported to 19.09. This marks the package as vulnerable.

@obadz obadz changed the title opensmtpd: mark as insecure due to CVE-2020-8794 / #80978 [19.09] opensmtpd: mark as insecure due to CVE-2020-8794 / #80978 Mar 17, 2020
pkgs/servers/mail/opensmtpd/default.nix Outdated Show resolved Hide resolved
@Mic92
Copy link
Contributor

Mic92 commented Mar 17, 2020

Is backporting #80978 not an option?

Co-Authored-By: Alyssa Ross <hi@alyssa.is>
@obadz
Copy link
Contributor Author

obadz commented Mar 17, 2020

@Mic92, I don't know if someone else wants to do it (I can't take that on myself at the moment). But after 3 weeks with a remote RCE, I think leaving as is should not be an option :-(

@alyssais alyssais merged commit 4f69f2c into NixOS:release-19.09 Mar 17, 2020
15 checks passed
15 checks passed
opensmtpd on aarch64-linux No attempt
Details
opensmtpd on x86_64-darwin No attempt
Details
opensmtpd on x86_64-linux No attempt
Details
Evaluation Performance Report Evaluator Performance Report
Details
grahamcofborg-eval ^.^!
Details
grahamcofborg-eval-check-meta config.nix: checkMeta = true
Details
grahamcofborg-eval-darwin nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A darwin-tested
Details
grahamcofborg-eval-nixos nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release-combined.nix -A tested
Details
grahamcofborg-eval-nixos-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release.nix -A manual
Details
grahamcofborg-eval-nixos-options nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release.nix -A options
Details
grahamcofborg-eval-nixpkgs-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A manual
Details
grahamcofborg-eval-nixpkgs-tarball nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A tarball
Details
grahamcofborg-eval-nixpkgs-unstable-jobset nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A unstable
Details
grahamcofborg-eval-package-list nix-env -qa --json --file .
Details
grahamcofborg-eval-package-list-no-aliases nix-env -qa --json --file . --arg config { allowAliases = false; }
Details
@alyssais
Copy link
Member

alyssais commented Mar 17, 2020

If somebody wants to backport, they can do so and revert this.

@Mic92
Copy link
Contributor

Mic92 commented Mar 17, 2020

This backports opensmtpd to 19.09: #82775

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants
You can’t perform that action at this time.