Release 2022_017 (2022-07-05)

Impact

• [NixOS 21.11] Most services will be restarted because of a core dependency change. Machines will schedule a reboot to activate the changed kernel.

NixOS 21.11 platform

• Pull upstream NixOS changes that include security fixes and other updates, update Gitlab (#PL-130684, #PL-130706, #PL-130730):

  • apacheHttpd: 2.4.53 -> 2.4.54 (CVE-2022-31813, CVE-2022-30556, CVE-2022-30522, CVE-2022-29404, CVE-2022-28615, CVE-2022-28614, CVE-2022-28330, CVE-2022-26377)

  • gitlab: 14.9.4 -> 14.10.5

  • imagemagick: 7.1.0-35 -> 7.1.0-39

  • libtiff: add patches for CVE-2022-1354 & CVE-2022-1355

  • linux: 5.10.118 -> 5.10.124

  • matrix-synapse: 1.59.1 -> 1.61.1

  • nspr: 4.32 -> 4.34

  • nss_latest: 3.78 -> 3.80

  • python39: 3.9.12 -> 3.9.13

  • vim: 8.2.4816 -> 8.2.4975

• Sensu: remove load check because it has proven to not be a good predictor for problems. We recently added pressure stall information (PSI) to our VM dashboards which are more fine-grained and can be used combined with traditional load for analysing issues but neither is qualified to be used for alerting (#PL-129904).

• Production channel URL for this release: https://hydra.flyingcircus.io/build/170042/download/1/nixexprs.tar.xz

Detailed Changes

• NixOS 21.11: platform code, upstream changes