Release 2020_031 (2020-09-28)¶
Impact¶
[NixOS 19.03] Multiple services will be restarted, including elasticsearch, httpd, mongodb, mysql, openvpn, postgresql, redis, rabbitmq and sshd.
NixOS 19.03 platform¶
Nginx: anonymize IP addresses (IPv4 and IPv6) in access logs by default. We use a patched Nginx which provides $remote_addr_anon as a variable for log formats. This variable is used in the default combined log format (#127632).
Security updates for mcpp (patch CVE-2019-14274), Python (2.7.17 -> 2.7.18, 3.6.9 -> 3.6.11, 3.7.4 -> 3.7.8), sysstat (12.2.0 -> 12.2.3), and unzip (patch CVE-2019-13232) (#128665).
Mail server: Grant users holding the „sudo-srv“ permission sudo access to the „vmail“ system user.
Journal, logging: make unit script names more readable, for example
postgresql-start
instead of<hash>-unit-script-postgresql-start
(#126523).