Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

zoneminder: fix CVE-2020-25729 #99907

Merged
merged 1 commit into from Nov 4, 2020
Merged

Conversation

@andir
Copy link
Member

@andir andir commented Oct 6, 2020

Motivation for this change

Relates to #99872

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
@mweinelt
Copy link
Member

@mweinelt mweinelt commented Oct 26, 2020

Meh, sorry this got delayed.

I think we can update to 1.34.22 for master and 20.09 and only apply the patch for 20.03. https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.22

@worldofpeace
Copy link
Contributor

@worldofpeace worldofpeace commented Oct 31, 2020

Meh, sorry this got delayed.

I think we can update to 1.34.22 for master and 20.09 and only apply the patch for 20.03. https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.22

lol, I merged the patch for stable already. That also sounds good to me

@andir
Copy link
Member Author

@andir andir commented Nov 4, 2020

Meh, sorry this got delayed.
I think we can update to 1.34.22 for master and 20.09 and only apply the patch for 20.03. https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.22

lol, I merged the patch for stable already. That also sounds good to me

Can you be more specific? I can't see anything that would conflict this.

@mweinelt
Copy link
Member

@mweinelt mweinelt commented Nov 4, 2020

Meh, sorry this got delayed.
I think we can update to 1.34.22 for master and 20.09 and only apply the patch for 20.03. https://github.com/ZoneMinder/zoneminder/releases/tag/1.34.22

lol, I merged the patch for stable already. That also sounds good to me

Can you be more specific? I can't see anything that would conflict this.

Their comment seems to relate to 20.03.

@andir andir force-pushed the zoneminder-CVE-2020-25729 branch from fb96374 to 267e61f Nov 4, 2020
@andir andir force-pushed the zoneminder-CVE-2020-25729 branch from 267e61f to 4d563ba Nov 4, 2020
@mweinelt
Copy link
Member

@mweinelt mweinelt commented Nov 4, 2020

Builds and test lgtm.

@mweinelt mweinelt merged commit f1c65de into NixOS:master Nov 4, 2020
2 of 4 checks passed
2 of 4 checks passed
@github-actions[bot]
tests
Details
@github-actions[bot]
action
Details
@github-actions[bot]
Wait for ofborg This failed status will be cleared when ofborg finishes eval.
Details
@ofborg[bot]
grahamcofborg-eval Checking new out paths
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants