Release 2024_026 (2024-09-02)

Impact

  • [NixOS 24.05] Machines will reboot after the update to activate the changed kernel.

NixOS 24.05 platform

  • Fix spurious warnings in telegraf about missing rabbitmq URLs. The federation plugin is not enabled by default and thus the URLs are inaccessible. (PL-131423)

  • Pull upstream NixOS changes, security fixes and package updates (PL-132940)

    • asterisk: 20.9.1 -> 20.9.2

    • bash: 5.2p26 -> 5.2p32

    • chromedriver: 127.0.6533.99 -> 128.0.6613.84

    • chromium: 127.0.6533.99 -> 128.0.6613.84

    • curl: fix CVE-2024-6197

    • dovecot: 2.3.21 -> 2.3.21.1 (CVE-2024-23184, CVE-2024-23185)

    • element-web: 1.11.73 -> 1.11.75

    • github-runner: 2.319.0 -> 2.319.1

    • gitlab: 17.1.3 -> 17.2.4

    • go: 1.22.5 -> 1.22.6

    • grafana: 10.4.6 -> 10.4.7 (CVE-2024-6837)

    • k3s: 1.30.2+k3s2 -> 1.30.3+k3s1

    • linux: 5.15.164 -> 5.15.165

    • mastodon: 4.2.10 -> 4.2.12

    • matrix-synapse: 1.112.0 -> 1.113.0

    • mysql80: 8.0.37 -> 8.0.39

    • nginx: 1.26.1 -> 1.26.2

    • openldap: 2.6.7 -> 2.6.8

    • openvpn: 2.6.10 -> 2.6.12

    • postgresql_12: 12.19 -> 12.20 (CVE-2024-7348)

    • postgresql_13: 13.15 -> 13.16

    • postgresql_14: 14.12 -> 14.13

    • postgresql_15: 15.7 -> 15.8

    • postgresql_16: 16.3 -> 16.4

    • webkitgtk: 2.44.2 → 2.44.3

    • wget: add patch for CVE-2024-38428 Production channel URL for this release: https://hydra.flyingcircus.io/build/478655/download/1/nixexprs.tar.xz

Detailed Changes