Release 2024_007 (2024-02-26)¶
Impact¶
[NixOS 23.11] Gitlab will be restarted.
NixOS 23.11 platform¶
webgateway/nginx: Reintroduce optional rate limiting for nginx to enable when needed to counter rapid reset attacks (originally part of release 2024_005, temporarily removed in 2024_006) (PL-132210).
webproxy: the Varnish command line can now be overridden by setting the
flyingcircus.services.varnish.extraCommandLine
option (PL-132106).docker: document how to upgrade machines that still use the deprecated
devicemapper
storage driver. (PL-132175).opensearch: document migration path from Elasticsearch 6.
Package security updates (PL-132233):
gitlab: 16.7.5 -> 16.7.6 (CVE-2023-4895, CVE-2024-0861, CVE-2023-3509, CVE-2024-0410)
mastodon: 4.2.6 -> 4.2.7 (CVE-2024-25623)
Production channel URL for this release: https://hydra.flyingcircus.io/build/382222/download/1/nixexprs.tar.xz
NixOS 22.11 platform¶
Document that upgrades from Elasticsearch 6 to 7 are irreversible due to index changes (PL-131888).
Production channel URL for this release: https://hydra.flyingcircus.io/build/382099/download/1/nixexprs.tar.xz
Detailed Changes¶
NixOS 23.11: platform code, nixpkgs/upstream changes
NixOS 22.11: platform code