Release 2025_032 (2025-09-08)

Impact

24.11

25.05

  • prosody.service will be restarted, potentially interrupting Jitsi sessions.

  • machines will reboot to activate the changed kernel

NixOS 24.11 platform

  • devhost: remove insecure performance improvement options for PostgreSQL. (PL-133628)

    We saw multiple PostgreSQL instances not starting correctly after an unclean shutdown of the instance. In performance testing we saw a negligible benefit only.

    Note that this only affected customers on devhosts.

NixOS 25.05 platform

  • statshost: Remove a misconfigured alias in the automatically generated Nginx configuration for the Grafana service that is enabled as part of the statshost role. This lead to plugins not loading for example due to a change in how Grafana routes to them interally. (PL-134006)

  • devhost: remove insecure performance improvement options for PostgreSQL. (PL-133628)

    We saw multiple PostgreSQL instances not starting correctly after an unclean shutdown of the instance. In performance testing we saw a negligible benefit only.

    Note that this only affected customers on devhosts.

  • jitsi: fix interactive invocations of prosodyctl management command, it needs no access to the turncredentials_secret. (PL-133672)

  • Pull upstream NixOS changes, security fixes, and package updates:

    • bind: 9.20.9 -> 9.20.11

    • cacert: 3.113.1 -> 3.115

    • chromedriver: 139.0.7258.138 -> 139.0.7258.154

    • chromium: 139.0.7258.138 -> 139.0.7258.154

    • gitaly: 18.2.2 -> 18.2.5

    • github-runner: 2.327.1 -> 2.328.0

    • gitlab: 18.2.2 -> 18.2.5

    • gitlab-container-registry: 4.26.0 -> 4.27.0

    • gitlab-ee: 18.2.2 -> 18.2.5

    • gitlab-pages: 18.2.2 -> 18.2.5

    • gitlab-workhorse: 18.2.2 -> 18.2.5

    • go: 1.24.5 -> 1.24.6

    • grafana: 12.0.3 -> 12.0.4

    • imagemagick: 7.1.2-1 -> 7.1.2-2

    • jdk: 21.0.7+6 -> 21.0.8+9

    • jre: 21.0.7+6 -> 21.0.8+9

    • linuxKernelStable: 6.12.43 -> 6.12.44

    • linuxKernelVerify: 6.12.43 -> 6.12.44

    • matrix-synapse: 1.136.0 -> 1.137.0

    • nodejs: 22.17.1 -> 22.18.0

    • nodejs_22: 22.17.1 -> 22.18.0

    • nss_latest: 3.114 -> 3.115

    • openjdk: 21.0.7+6 -> 21.0.8+9

    • phpPackages.composer: 2.8.5 -> 2.8.11

    • postfix: 3.10.3 -> 3.10.4

    • ruby: 3.3.8 -> 3.3.9

    • strace: 6.15 -> 6.16

    • systemd: 257.7 -> 257.8

    • varnish: 7.7.2 -> 7.7.3

Detailed Changes