-
-
Notifications
You must be signed in to change notification settings - Fork 13.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
k3s_1_26: 1.26.5+k3s1 -> 1.26.6+k3s1 #242272
Conversation
Result of 1 package built:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Build looks OK and tests are passing.
Should this upgrade be backported to 23.05? Or do we need to apply the security fix to the version we currently have on 23.05?
Result of nixpkgs-review pr 242272
run on x86_64-linux 1
1 package built:
- k3s_1_26
Backport failed for Please cherry-pick the changes locally. git fetch origin release-23.05
git worktree add -d .worktree/backport-242272-to-release-23.05 origin/release-23.05
cd .worktree/backport-242272-to-release-23.05
git checkout -b backport-242272-to-release-23.05
ancref=$(git merge-base 141f167f1430b4c712b73321c4f182261e88329c f4079a45d31bac551b5853ad6f229e27f99a3ad6)
git cherry-pick -x $ancref..f4079a45d31bac551b5853ad6f229e27f99a3ad6 |
Yup, for security reasons this should be backported. A shame the automatic backport bot failed, I'll do it by hand |
Ahh, the backport failed because #242293 isn't merged yet. I'll cherry-pick this commit onto that branch too. |
Description of changes
This update was made via
nix-shell maintainers/scripts/update.nix --argstr package k3s_1_26
, and no additional changes were needed beyond what the script did.Upstream release notes: https://github.com/k3s-io/k3s/releases/tag/v1.26.6%2Bk3s1
This also fixes CVE-2023-2728.
The upstream k3s notes don't mention it, but the k8s ones do
Things done
sandbox = true
set innix.conf
? (See Nix manual)NixOS tests:
nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"
. Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/
)