Release 2017_018 (2017-08-23)

Impact

  • [NixOS] Many if not most services will be started due to security updates in underlying libraries.
  • [NixOS] NFS shares will be remounted and produce a spurious warning message (#27810).

NixOS platform

  • Security update: GCC 5.4.0, 4.9.4 (#23873).
  • Security update: Jasper 1.900.31 (#23878).
  • Security update: iptables (#23877).
  • Security update: MySQL 5.5.57 (#24058).
  • Security update: Perl 5.22.3 (#24076).
  • Security update: unzip (#26968).
  • Security update: OpenSSL 1.0.1u, 1.0.2l, 1.1.0f (#27036).
  • Security update: zlib 1.2.11 (#27182).
  • Security update: libxml2 2.9.4 (#23929).
  • Security update: PHP 5.5.35, 5.6.21, 7.0.15 (#24077).
  • Security update: PostgreSQL 9.3.18, 9.4.13, 9.5.8, 9.6.4 (#28101, #27463)
  • Security update: libsndfile 1.0.28 (#23894)
  • Security update: nettle 3.3 (#24060).
  • Security update: OpenVPN 2.4.3 (#27552).
  • Security update: ImageMagick 6.9.9-3 (#28031).
  • Security update: libgcrypt 1.6.6 (#27181).
  • Security update: libarchive 3.3.2 (#23890).
  • Security update: rubygems 2.4.8 (#26900).
  • Security update: bundler 1.10.6 (#26910).
  • Security update: libxslt 1.1.29 (#26902).
  • Security update: MariaDB 10.0.32 (#26901).
  • Security update: shadow 4.5 (#26970).
  • Fix bug with resource group NFS shares: some of them did not get mounted during boot (#27810).
  • Fix bug with fc-agent automatic activation timer (#26699).
  • Improve “channel activate in maintenance” mode (#26699)
  • Provide PHP extensions for PHP 7.0 (#24768).
  • Gather Varnish metrics (#24768).
  • Firewall: DNS traffic is allowed while the firewall is being reconfigured (#27132).
  • Custom labels on VMs are used to label Prometheus metrics (#27132)
  • Remove unused xxdiff and thus gstreamer dependency from xtrabackup (#28030).
  • Add preliminary support to protect applications installed in users’ homes from the Nix gargabe collector (#27553).
  • Configure Nginx so that it uses all available cores (#28021).