Release 2024_024 (2024-08-05)

Impact

  • [NixOS 24.05] Machines will reboot after the update to activate the changed kernel.

NixOS 24.05 platform

  • antivirus: the Sensu monitoring check now only warns about stale ClamAV data files after 26 hours, to prevent spurious warnings from machines which have a delayed update job for load spreading purposes (PL-132844).

  • flyingcircus.roles.mailserver now works in the devhost environment (PL-132682).

  • opensearch: single-node clusters will now enter maintenance without checking if the cluster health is in the green state (PL-132797).

  • Pull upstream NixOS changes, security fixes and package updates (PL-132838):

    • apacheHttpd: 2.4.61 -> 2.4.62

    • bind: 9.18.27 -> 9.18.28 (CVE-2024-1975, CVE-2024-4076, CVE-2024-1737, CVE-2024-0760)

    • chromedriver: 126.0.6478.126 -> 126.0.6478.182

    • chromium: 126.0.6478.126 -> 126.0.6478.182

    • consul: 1.18.2 -> 1.18.3

    • discourse: 3.2.3 -> 3.2.4 (CVE-2024-38360)

    • element-web: 1.11.70 -> 1.11.71

    • go: 1.22.4 -> 1.22.5

    • grafana: 10.4.5 -> 10.4.6

    • imagemagick: 7.1.1-32 -> 7.1.1-35

    • linux_5_15: 5.15.162 -> 5.15.163

    • mariadb: 10.5.25, 10.6.18, 10.11.8, 11.0.6

    • matrix-synapse: 1.110.0 -> 1.111.0

    • nix: 2.18.4 -> 2.18.5

    • nodejs_18: 18.20.3 -> 18.20.4

    • nodejs_20: 20.12.2 -> 20.15.1

    • nodejs_22: 22.3.0 -> 22.4.1

    • nss_latest: 3.101.1 -> 3.102

    • openssl: fix CVE-2024-5535

    • qemu: 8.2.5 -> 8.2.6 (CVE-2024-4467)

    • strace: 6.9 -> 6.10

  • Production channel URL for this release: https://hydra.flyingcircus.io/build/468815/download/1/nixexprs.tar.xz

Detailed Changes