Release 2017_018 (2017-08-23)¶
Impact¶
[NixOS] Many if not most services will be started due to security updates in underlying libraries.
[NixOS] NFS shares will be remounted and produce a spurious warning message (#27810).
NixOS platform¶
Security update: GCC 5.4.0, 4.9.4 (#23873).
Security update: Jasper 1.900.31 (#23878).
Security update: iptables (#23877).
Security update: MySQL 5.5.57 (#24058).
Security update: Perl 5.22.3 (#24076).
Security update: unzip (#26968).
Security update: OpenSSL 1.0.1u, 1.0.2l, 1.1.0f (#27036).
Security update: zlib 1.2.11 (#27182).
Security update: libxml2 2.9.4 (#23929).
Security update: PHP 5.5.35, 5.6.21, 7.0.15 (#24077).
Security update: PostgreSQL 9.3.18, 9.4.13, 9.5.8, 9.6.4 (#28101, #27463)
Security update: libsndfile 1.0.28 (#23894)
Security update: nettle 3.3 (#24060).
Security update: OpenVPN 2.4.3 (#27552).
Security update: ImageMagick 6.9.9-3 (#28031).
Security update: libgcrypt 1.6.6 (#27181).
Security update: libarchive 3.3.2 (#23890).
Security update: rubygems 2.4.8 (#26900).
Security update: bundler 1.10.6 (#26910).
Security update: libxslt 1.1.29 (#26902).
Security update: MariaDB 10.0.32 (#26901).
Security update: shadow 4.5 (#26970).
Fix bug with resource group NFS shares: some of them did not get mounted during boot (#27810).
Fix bug with
fc-agent
automatic activation timer (#26699).Improve “channel activate in maintenance” mode (#26699)
Provide PHP extensions for PHP 7.0 (#24768).
Gather Varnish metrics (#24768).
Firewall: DNS traffic is allowed while the firewall is being reconfigured (#27132).
Custom labels on VMs are used to label Prometheus metrics (#27132)
Remove unused xxdiff and thus gstreamer dependency from xtrabackup (#28030).
Add preliminary support to protect applications installed in users’ homes from the Nix gargabe collector (#27553).
Configure Nginx so that it uses all available cores (#28021).