Skip to content

dnsdist: 1.9.8 -> 1.9.9#402865

Merged
LeSuisse merged 1 commit intoNixOS:masterfrom
LeSuisse:dnsdist-1.9.9
May 15, 2025
Merged

dnsdist: 1.9.8 -> 1.9.9#402865
LeSuisse merged 1 commit intoNixOS:masterfrom
LeSuisse:dnsdist-1.9.9

Conversation

@LeSuisse
Copy link
Copy Markdown
Member

@LeSuisse LeSuisse commented Apr 29, 2025
edited
Loading

Fixes CVE-2025-30194.

https://www.dnsdist.org/changelog.html#change-1.9.9

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 25.05 Release Notes (or backporting 24.11 and 25.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review pr 402865

aarch64-linux

✅ 1 package built:
  • dnsdist

Add a 👍 reaction to pull requests you find important.

@LeSuisse LeSuisse added 1.severity: security Issues which raise a security issue, or PRs that fix one backport release-24.11 labels Apr 29, 2025
@github-actions github-actions Bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 1 This PR causes 1 package to rebuild on Linux. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. labels Apr 29, 2025
@nix-owners nix-owners Bot requested a review from jojosch April 29, 2025 17:32
matteo-pacini
matteo-pacini previously approved these changes Apr 29, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@matteo-pacini matteo-pacini left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review pr 402865 --package nixosTests.dnsdist --package dnsdist

x86_64-linux

✅ 2 tests built:
  • nixosTests.dnsdist.base
  • nixosTests.dnsdist.dnscrypt
✅ 1 package built:
  • dnsdist

@matteo-pacini matteo-pacini added the 12.approvals: 1 This PR was reviewed and approved by one person. label Apr 29, 2025
@matteo-pacini matteo-pacini dismissed their stale review May 1, 2025 22:03

Stale, needs re-review because of new force-push

@LeSuisse
Copy link
Copy Markdown
Member Author

LeSuisse commented May 15, 2025

The force push was a rebase to clear a CI issue. Given this was initially approved and did not receive another review in the past 2 weeks, I'm going to merge this.

@LeSuisse LeSuisse merged commit d09c7dd into NixOS:master May 15, 2025
27 checks passed
@nixpkgs-ci
Copy link
Copy Markdown
Contributor

nixpkgs-ci Bot commented May 15, 2025

Backport failed for release-24.11, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally and resolve any conflicts.

git fetch origin release-24.11
git worktree add -d .worktree/backport-402865-to-release-24.11 origin/release-24.11
cd .worktree/backport-402865-to-release-24.11
git switch --create backport-402865-to-release-24.11
git cherry-pick -x f5c221fe72d34320c2b14381ec009d5c0e4ae27b

@LeSuisse LeSuisse deleted the dnsdist-1.9.9 branch May 15, 2025 10:07
@LeSuisse
Copy link
Copy Markdown
Member Author

LeSuisse commented May 15, 2025

24.11 is not affected as it uses DNSDist 1.8.x

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@matteo-pacini matteo-pacini matteo-pacini left review comments

@jojosch jojosch Awaiting requested review from jojosch

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-linux: 1 This PR causes 1 package to rebuild on Linux. 12.approvals: 1 This PR was reviewed and approved by one person.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@LeSuisse @matteo-pacini