Release 2023_016 (2023-07-03)#

Impact#

  • [23.05] PostgreSQL, Opensearch Dashboards and Apache HTTPD (LAMP) will be restarted. Machines will schedule a reboot to activate the changed kernel.

  • [22.11] Most services will be restarted due to a core dependency change. Machines will schedule a reboot to activate the changed kernel.

NixOS 23.05 platform#

  • postgresql: document an important schema privilege change for PostgreSQL 15 (PL-131589).

  • opensearch-dashboards: make sure that restarting the service works properly (PL-131484).

  • Pull upstream NixOS changes, security fixes and package updates (PL-131594):

    • consul: 1.15.2 -> 1.15.3

    • github-runner: 2.304.0 -> 2.305.0

    • gitlab: 16.0.2 -> 16.0.5

    • grafana: 9.5.3 -> 9.5.5, fix CVE-2023-3128

    • linux: 6.1.31 -> 6.1.35

    • matrix-synapse: 1.85.1 -> 1.86.0

    • nodejs_16: 16.20.0 -> 16.20.1 (CVE-2023-30581, CVE-2023-30585, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590)

    • nodejs_18: 18.16.0 -> 18.16.1 (CVE-2023-30581, CVE-2023-30585, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590)

    • nodejs_20: 20.2.0 -> 20.3.1 (CVE-2023-30581, CVE-2023-30584, CVE-2023-30587, CVE-2023-30582, CVE-2023-30583, CVE-2023-30585, CVE-2023-30586, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590

    • nss: 3.89.1 -> 3.90

    • nss_latest: remove curve25519 support

    • prometheus: 2.42.0 -> 2.44.0

  • Production channel URL for this release: https://hydra.flyingcircus.io/build/274351/download/1/nixexprs.tar.xz

NixOS 22.11 platform#

  • Pull upstream NixOS changes, security fixes and package updates (PL-131594):

    • cacert: 3.89.1 -> 3.90

    • ffmpeg: 4.4.2 -> 4.4.4

    • gitlab: 15.11.7 -> 15.11.9

    • grafana: 9.4.12 -> 9.4.13, fix CVE-2023-3128

    • linux: 5.15.114 -> 5.15.118

    • matrix-synapse: 1.85.1 -> 1.86.0

    • nss: 3.89.1 -> 3.90

    • nss_latest: remove curve25519 support

    • openssl: 3.0.8 -> 3.0.9

    • xorg.libX11: patch CVE-2023-3138

  • Production channel URL for this release: https://hydra.flyingcircus.io/build/274147/download/1/nixexprs.tar.xz

NixOS 21.05 platform#

Detailed Changes#