Release 2025_023 (2025-07-07)

Impact

24.11

This is the last 24.11 Platform release including regular NixOS software updates from the upstream distribution. Please consider updating to Platform 25.05. Security updates will only be performed for selected packages with a high impact and an (even indirect) remote vector, for a limited period.

NixOS 24.11 platform

• Improve convergence in internal S3 user management. Secrets are now also being reported back to our configuration management. This reduces error potential in the future in the secret management (PL-133656)

• Improve our internal image update script to not fail on temporary DNS errors (PL-133726)

• Pull upstream NixOS changes, security fixes, and package updates:

  • chromedriver: 137.0.7151.119 -> 138.0.7204.49

  • chromium: 137.0.7151.119 -> 138.0.7204.49

  • clamav: 1.4.2 -> 1.4.3

  • firefox: 139.0.4 -> 140.0.1

  • gitaly: 17.11.4 -> 17.11.5

  • gitlab: 17.11.4 -> 17.11.5

  • gitlab-ee: 17.11.4 -> 17.11.5

  • gitlab-pages: 17.11.4 -> 17.11.5

  • gitlab-workhorse: 17.11.4 -> 17.11.5

  • linuxKernelStable: 6.6.94 -> 6.12.34

  • nss_latest: 3.112 -> 3.113

  • sudo: 1.9.17 -> 1.9.17p1 (CVE-2025-32462, CVE-2025-32463)

NixOS 25.05 platform

• no user facing changes

Detailed Changes

• NixOS 24.11: platform code, nixpkgs/upstream changes, metadata, channel url

• NixOS 25.05: platform code, metadata, channel url