Release 2024_014 (2024-04-29)

Impact

• [NixOS 23.11] Gitlab and LAMP/PHP applications will be restarted.

NixOS 23.11 platform

• gitlab: 16.10.2 -> 16.10.4 (PL-132474).

• php/lamp: fix glibc CVE-2024-2961 for PHP as there are signs that CVE-2024-2961 is easier to exploit in PHP applications. PHP specifically is rebuilt against glibc-2.38-66 while the rest of the system still uses glibc-2.38-44 until glibc gets updated in upstream nixpkgs (PL-132468).

• Production channel URL for this release: https://hydra.flyingcircus.io/build/413948/download/1/nixexprs.tar.xz

Detailed Changes

• NixOS 23.11: platform code, nixpkgs/upstream changes