Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport release-24.11] electron_31-bin: mark as insecure because it's EOL, electron-source.electron_31: remove as it's EOL #374318

Open
wants to merge 4 commits into
base: release-24.11
Choose a base branch
from
Open

[Backport release-24.11] electron_31-bin: mark as insecure because it's EOL, electron-source.electron_31: remove as it's EOL #374318

wants to merge 4 commits into from
+18 −1,004

Conversation

emilylange
Copy link
Member

Manual backport of #370758.

@emilylange
electron_31-bin: 31.7.6 -> 31.7.7
5f47b6b 
- Changelog: https://github.com/electron/electron/releases/tag/v31.7.7
- Diff: electron/electron@refs/tags/v31.7.6...v31.7.7
- Fixes CVE-2024-12053
- Fixes CVE-2024-12693
- Fixes CVE-2024-12694

(cherry picked from commit db2e774)
@emilylange
electron-chromedriver_31: 31.7.6 -> 31.7.7
0ef7442 
- Changelog: https://github.com/electron/electron/releases/tag/v31.7.7
- Diff: electron/electron@refs/tags/v31.7.6...v31.7.7
- Fixes CVE-2024-12053
- Fixes CVE-2024-12693
- Fixes CVE-2024-12694

(cherry picked from commit 893cf02)
@emilylange
electron_31-bin: mark as insecure because it's EOL
c0ee328 
https://github.com/electron/electron/blob/2745771a22dc7aec4364fec758804e0b7f230357/docs/tutorial/electron-timelines.md
(cherry picked from commit c2699af)
@emilylange
electron-source.electron_31: remove as it's EOL
32f72fd 
https://github.com/electron/electron/blob/2745771a22dc7aec4364fec758804e0b7f230357/docs/tutorial/electron-timelines.md

Ref: aa01edd
(cherry picked from commit cd1c17d)
@emilylange emilylange added the 1.severity: security Issues which raise a security issue, or PRs that fix one label Jan 16, 2025
@emilylange emilylange closed this Jan 16, 2025
@emilylange emilylange reopened this Jan 16, 2025
@nix-owners nix-owners bot requested a review from networkException January 16, 2025 16:15
@emilylange
Copy link
Member Author

Affected packages:

For more context see #374318.

  • For fenshin, upstream was notified and nixpkgs not bumped (users have to opt-into the EOL electron_31)
  • webcord-vencord will be fixed in unstable and then backported, as per webcord: 4.10.2 -> 4.10.3 #371819 (comment)
  • zap-chip maintainer is not responding (users have to opt-into the EOL electron_31)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@networkException networkException Awaiting requested review from networkException

Assignees
No one assigned
Labels
1.severity: security Issues which raise a security issue, or PRs that fix one
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@emilylange