Release 2024_007 (2024-02-26)

Impact

  • [NixOS 23.11] Gitlab will be restarted.

NixOS 23.11 platform

  • webgateway/nginx: Reintroduce optional rate limiting for nginx to enable when needed to counter rapid reset attacks (originally part of release 2024_005, temporarily removed in 2024_006) (PL-132210).

  • webproxy: the Varnish command line can now be overridden by setting the flyingcircus.services.varnish.extraCommandLine option (PL-132106).

  • docker: document how to upgrade machines that still use the deprecated devicemapper storage driver. (PL-132175).

  • opensearch: document migration path from Elasticsearch 6.

  • Package security updates (PL-132233):

    • gitlab: 16.7.5 -> 16.7.6 (CVE-2023-4895, CVE-2024-0861, CVE-2023-3509, CVE-2024-0410)

    • mastodon: 4.2.6 -> 4.2.7 (CVE-2024-25623)

  • Production channel URL for this release: https://hydra.flyingcircus.io/build/382222/download/1/nixexprs.tar.xz

NixOS 22.11 platform

Detailed Changes