Skip to content

opencryptoki: 3.25.0 -> 3.26.0-unstable-2026-04-09#511222

Open
Hythera wants to merge 1 commit intoNixOS:masterfrom
arehtyH:update/opencryptoki
Open

opencryptoki: 3.25.0 -> 3.26.0-unstable-2026-04-09#511222
Hythera wants to merge 1 commit intoNixOS:masterfrom
arehtyH:update/opencryptoki

Conversation

@Hythera
Copy link
Copy Markdown
Member

@Hythera Hythera commented Apr 18, 2026
edited
Loading

diff: opencryptoki/opencryptoki@v3.25.0...ed378f4

fixes: CVE-2026-40253

Closes #510881

Supersedes #460652

Things done

  • Built on platform:
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • Tested, as applicable:
  • Ran nixpkgs-review on this PR. See nixpkgs-review usage.
  • Tested basic functionality of all binary files, usually in ./result/bin/.
  • Nixpkgs Release Notes
    • Package update: when the change is major or breaking.
  • NixOS Release Notes
    • Module addition: when adding a new NixOS module.
    • Module update: when the change is significant.
  • Fits CONTRIBUTING.md, pkgs/README.md, maintainers/README.md and other READMEs.

@nixpkgs-ci nixpkgs-ci bot added 8.has: package (update) This PR updates a package to a newer version 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. labels Apr 18, 2026
@Hythera Hythera added 1.severity: security Issues which raise a security issue, or PRs that fix one backport release-25.11 Backport PR automatically labels Apr 18, 2026
@Hythera Hythera marked this pull request as ready for review April 18, 2026 20:04
@Hythera
Copy link
Copy Markdown
Member Author

Hythera commented Apr 18, 2026

nixpkgs-review result

Generated using nixpkgs-review-gha

Command: nixpkgs-review pr 511222
Commit: e390b6c148abde9014a92d8da245efc956c3cfbc (subsequent changes)
Merge: f7b549938763bdc110bdd3ad8cacbe93dd083591

Logs: https://github.com/Hythera/nixpkgs-review-gha/actions/runs/24612703419

x86_64-linux

✅ 3 packages built:
  • opencryptoki
  • simple-tpm-pk11
  • tpm-tools

aarch64-linux

✅ 3 packages built:
  • opencryptoki
  • simple-tpm-pk11
  • tpm-tools

@nixpkgs-ci nixpkgs-ci bot added the 9.needs: reviewer This PR currently has no reviewers requested and needs attention. label Apr 18, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 8.has: package (update) This PR updates a package to a newer version 9.needs: reviewer This PR currently has no reviewers requested and needs attention. 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. backport release-25.11 Backport PR automatically

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

openCryptoki: Memory safety vulnerabilities in BER/DER decoders in asn1.c

1 participant

@Hythera