Skip to content

firewalld: fix CVE-2026-4948#505344

Open
Prince213 wants to merge 1 commit intoNixOS:masterfrom
Prince213:push-vrnuryloluym
Open

firewalld: fix CVE-2026-4948#505344
Prince213 wants to merge 1 commit intoNixOS:masterfrom
Prince213:push-vrnuryloluym

Conversation

@Prince213
Copy link
Copy Markdown
Member

@Prince213 Prince213 commented Mar 31, 2026
edited
Loading

Closes #505280.

Reference: firewalld/firewalld#1548

Things done

  • Built on platform:
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • Tested, as applicable:
  • Ran nixpkgs-review on this PR. See nixpkgs-review usage.
  • Tested basic functionality of all binary files, usually in ./result/bin/.
  • Nixpkgs Release Notes
    • Package update: when the change is major or breaking.
  • NixOS Release Notes
    • Module addition: when adding a new NixOS module.
    • Module update: when the change is significant.
  • Fits CONTRIBUTING.md, pkgs/README.md, maintainers/README.md and other READMEs.

@Prince213 Prince213 added 1.severity: security Issues which raise a security issue, or PRs that fix one 11.by: package-maintainer This PR was created by a maintainer of all the package it changes. backport release-25.11 Backport PR automatically labels Mar 31, 2026
@nixpkgs-ci nixpkgs-ci bot added 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 9.needs: reviewer This PR currently has no reviewers requested and needs attention. 2.status: merge-bot eligible This PR can be merged by commenting "@NixOS/nixpkgs-merge-bot merge". labels Mar 31, 2026
@Prince213
Copy link
Copy Markdown
Member Author

Prince213 commented Mar 31, 2026

nixpkgs-review result

Generated using nixpkgs-review-gha

Command: nixpkgs-review pr 505344 -p firewalld -p firewalld-gui -p firewalld.tests
Commit: 87387903aa47045c1d31e9c6e18d1685d9e592d1 (subsequent changes)
Merge: 890da9435fc8527547c08f244c5daf7dfc15955e

Logs: https://github.com/Prince213/nixpkgs-review-gha/actions/runs/23798748446

x86_64-linux

✅ 4 packages built:
  • firewalld
  • firewalld-gui
  • firewalld.tests.firewall-firewalld
  • firewalld.tests.firewalld

aarch64-linux

❌ 2 packages failed to build:
  • firewalld.tests.firewall-firewalld
  • firewalld.tests.firewalld
✅ 2 packages built:
  • firewalld
  • firewalld-gui

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 2.status: merge-bot eligible This PR can be merged by commenting "@NixOS/nixpkgs-merge-bot merge". 9.needs: reviewer This PR currently has no reviewers requested and needs attention. 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 11.by: package-maintainer This PR was created by a maintainer of all the package it changes. backport release-25.11 Backport PR automatically

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization

1 participant

@Prince213