|
| 1 | +# Release 2024_031 |
| 2 | + |
| 3 | +## Impact |
| 4 | + |
| 5 | +- NFS clients will be rebooted to activate the new configuration. This happens |
| 6 | + as a side effect of a kernel update. In the future changes to NFS client |
| 7 | + settings will cause explicit reboot requests. |
| 8 | + |
| 9 | +- Activate DDoS SSH rules in fail2ban for non-production machines |
| 10 | + |
| 11 | +- Machines will schedule a maintenance reboot to activate the new kernel. |
| 12 | + |
| 13 | +## NixOS XX.XX platform |
| 14 | + |
| 15 | +- Make NFS clients more resilient against missing servers during bootstrap, |
| 16 | + upgrades, and reboot scenarios. (PL-133062) |
| 17 | + |
| 18 | +- Activate DDoS SSH rules in fail2ban for non-production machines. (PL-132477) |
| 19 | + This may have impact if you have multiple unauthenticated SSH connections in a short time. |
| 20 | + We will roll out this change to production VMs too if no problems occur. |
| 21 | + |
| 22 | +- Explain how to use the the new release metadata URLs in DevHosts. (FC-41601) |
| 23 | + |
| 24 | +- varnish: Fix syntax error handling during hot reloads. We silently did |
| 25 | + not fail on errors which masked issues until the next reboot causing |
| 26 | + varnish to then fail e.g. during scheduled maintenance. We now fail |
| 27 | + more visibly but keep running the old config, still. (FC-41403) |
| 28 | + |
| 29 | +- Pull upstream NixOS changes, security fixes and package updates: |
| 30 | + - chromium: 129.0.6668.100 -> 130.0.6723.69 (CVE-2024-10229, CVE-2024-10230, CVE-2024-10231) |
| 31 | + - discourse: 3.2.5 -> 3.3.2 |
| 32 | + - docker: 27.3.0 -> 27.3.1 |
| 33 | + - element-web: 1.11.81 -> 1.11.82 |
| 34 | + - firefox: 131.0.3 -> 132.0 |
| 35 | + - github-runner: 2.319.1 -> 2.320.0 |
| 36 | + - gitlab: 17.2.8 -> 17.3.6 |
| 37 | + - grafana: 10.4.10 -> 10.4.11 |
| 38 | + - linux: 5.15.164 -> 5.15.169 |
| 39 | + - nss_latest: 3.105 -> 3.106 |
| 40 | + - unifi8: 8.4.62 -> 8.5.6 |
0 commit comments