Release 2020_014 (2020-05-25)

Impact

  • [NixOS 19.03] Almost all services will be restarted (caused by the openssl update).

  • [Gentoo] sshd will be restarted.

NixOS 19.03 platform

  • Generate all locales instead of just en_US.utf8 (#126182).

  • Pick up latest upstream security fixes for 19.03. Affected packages: openssl, pyopenssl, aspell, fribidi.

  • Retry system update on failure if update in maintenance is enabled. This is expected to avoid failed maintenance jobs (#126172).

Gentoo platform

  • Update keepalived to 2.0.20 to allow setting preferred_lft. Work around for active routers to be able to speak IPv6 to the world in specific data center situations (#120274).

  • Security updates for: sudo, openssh, openssl, git, tar, curl (#123291).

  • Enable driver support for Mellanox Gen 5 cards to supplement our routers with another vendor (#126290).

  • Remove GLSA monitoring on Gentoo as the update process is End Of Life and now only performed with a schedule-based review of existing high priority GLSAs but not per system (#126186).