!UNVBThoJtlIiVwiDjU:nixos.org

Staging

317 Members
Staging merges | Find currently open staging-next PRs: https://github.com/NixOS/nixpkgs/pulls?q=is%3Apr+sort%3Aupdated-desc+head%3Astaging-next+head%3Astaging-next-21.05+is%3Aopen109 Servers

Load older messages

SenderMessageTime
5 Oct 2025
@hexa:lossy.networkhexathen no valkey security fixes for nixos-25.0512:27:34
@hexa:lossy.networkhexa* then no valkey security fixes for nixos-25.05 🤷12:27:39
@hexa:lossy.networkhexa 
commit 2c16b1b1617a21c3e2c005a34d421a1b63864544 (mweinelt/valkey-8.1.4, valkey-8.1.4)
Author: Martin Weinelt <hexa@darmstadt.ccc.de>
Date:   Sat Oct 4 22:15:11 2025 +0200

    valkey: 8.1.3 -> 8.1.4
    
    https://github.com/valkey-io/valkey/releases/tag/8.1.4
    
    Fixes: CVE-2025-49844, CVE-2025-46817, CVE-2025-46818, CVE-2025-46819

commit 29d5e4b3a716a11b7eb401ba06af8e0fc437c9d3
Author: Martin Weinelt <hexa@darmstadt.ccc.de>
Date:   Sat Oct 4 21:10:49 2025 +0200

    redis: 8.0.3 -> 8.2.2
    
    https://github.com/redis/redis/releases/tag/8.2.0
    https://github.com/redis/redis/releases/tag/8.2.1
    https://github.com/redis/redis/releases/tag/8.2.2
    
    Fixes: CVE-2025-49844, CVE-2025-46817, CVE-2025-46818, CVE-2025-46819

commit 3886232a1c7e3da5415d60360dd9eff7d0641cb0
Author: Thomas Gerbet <thomas@gerbet.me>
Date:   Sat Oct 4 17:39:16 2025 +0200

    fetchmail_7: unstable-2022-05-26 -> 7.0.0-alpha11
    
    Fixes CVE-2025-61962.

commit 49314339f51950017816aac9d50bdd3a5fe430f5
Author: Thomas Gerbet <thomas@gerbet.me>
Date:   Sat Oct 4 17:33:23 2025 +0200

    fetchmail: 6.5.1 -> 6.5.6
    
    Fixes CVE-2025-61962.
    
    https://sourceforge.net/p/fetchmail/git/ci/6.5.6/tree/NEWS

commit 3509c9149c8b8749d4e1e6dbc1373407e1fde3af
Author: Thomas Gerbet <thomas@gerbet.me>
Date:   Sat Oct 4 15:23:15 2025 +0200

    gegl: 0.4.62 -> 0.4.64
    
    Fixes CVE-2025-10921.
    
    Changes:
    https://gitlab.gnome.org/GNOME/gegl/-/commits/GEGL_0_4_64?ref_type=tags

commit 9c768f1f9317a9394c400abb88e2adce89b73c28
Author: networkException <git@nwex.de>
Date:   Thu Oct 2 20:55:46 2025 +0200

    ungoogled-chromium: 140.0.7339.207-1 -> 141.0.7390.54-1
    
    https://developer.chrome.com/blog/new-in-chrome-141
    
    https://developer.chrome.com/release-notes/141
    
    https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html
    
    This update includes 21 security fixes.
    
    CVEs:
    CVE-2025-11205 CVE-2025-11206 CVE-2025-11207 CVE-2025-11208
    CVE-2025-11209 CVE-2025-11210 CVE-2025-11211 CVE-2025-11212
    CVE-2025-11213 CVE-2025-11215 CVE-2025-11216 CVE-2025-11219

commit 0266e36ed7ba9b55cc7eef391f998b6ea8ec8937 (mweinelt/django-5.2.7, django-5.2.7)
Author: Martin Weinelt <hexa@darmstadt.ccc.de>
Date:   Thu Oct 2 17:29:56 2025 +0200

    python3Packages.django_5_1: 5.1.12 -> 5.1.13
    
    https://docs.djangoproject.com/en/5.1/releases/5.1.13/
    https://www.djangoproject.com/weblog/2025/oct/01/security-releases/
    
    Fixes: CVE-2025-59681, CVE-2025-59682

commit 4aad373382d54920a4987d85337b6cd3f52e894a
Author: Martin Weinelt <hexa@darmstadt.ccc.de>
Date:   Thu Oct 2 17:26:54 2025 +0200

    python3Packages.django_5_2: 5.2.6 -> 5.2.7
    
    https://docs.djangoproject.com/en/5.2/releases/5.2.7/
    https://www.djangoproject.com/weblog/2025/oct/01/security-releases/
    
    Fixes: CVE-2025-59681, CVE-2025-59682
12:47:06
@hexa:lossy.networkhexae.g. blocking a browser update12:47:56
@hexa:lossy.networkhexa* e.g. blocking a major browser update12:48:01
@vcunat:matrix.orgVladimír Čunát staging-next merged 13:33:05
@k900:0upti.meK900 So are we doing 25.05 then 13:34:14
@k900:0upti.meK900 With the Redis fixes 13:34:33
@k900:0upti.meK900I would prefer unstable to get the Qt changes first tbh but ehhhhhhhh13:34:58
@hexa:lossy.networkhexawell13:40:21
@hexa:lossy.networkhexayou probably can't promise me we'll to 25.05 after another staging cycle either 😄 13:40:37
@hexa:lossy.networkhexa* you probably can't promise me we'll do 25.05 after another staging cycle either 😄 13:40:43
@hexa:lossy.networkhexaI think we can kill that eval https://github.com/NixOS/nixpkgs/pull/372501#discussion_r240449947414:04:33
@hexa:lossy.networkhexawell, we likely have time to build stuff, but that eval will likely not pass tested14:08:45
@hexa:lossy.networkhexahopefully not14:08:49
@hexa:lossy.networkhexanvm, this went to staging14:13:17
@noob_tea:matrix.orgtea joined the room.14:34:06
@vcunat:matrix.orgVladimír Čunát We (still) do have cmake 4 -triggered blockers for nixos-unstable. 15:34:47
@vcunat:matrix.orgVladimír Čunát * We (still) do have cmake 4 -triggered blocker(s) for nixos-unstable. 15:35:06
@k900:0upti.meK900touchegg, really17:07:08
@k900:0upti.meK900Can we just kill that thing already17:07:19
6 Oct 2025
@vcunat:matrix.orgVladimír ČunátUp to me, I guess: https://github.com/NixOS/nixpkgs/pull/44904006:46:38
@vcunat:matrix.orgVladimír Čunát I'll merge fast, so that I can bump the tested job and discover more regressions early. 06:47:07
@vcunat:matrix.orgVladimír Čunát * I'll merge fast, so that I can bump the tested job and discover more channel-blocking regressions early. 06:47:15
@willi:butz.cloudWilli Butz joined the room.13:02:29
@dawnofmidnight:catgirl.cloud@dawnofmidnight:catgirl.cloud joined the room.15:27:22
@ty:tjll.nettylerjl

Hey, I'm not a committer but trying to assist where able

I'm looking at some CVEs for binutils 2.44 and since the patches are only in 2.45/unstable I was going to backport them to 2.44. I assume I should base on staging since (I'm assuming) the package is likely a dependency across a pretty wide blast radius?

15:49:25
@k900:0upti.meK900Yes15:50:20
@k900:0upti.meK900But also we might just land 2.45?15:50:27
@k900:0upti.meK900I don't know what the plan for that is15:50:35

Show newer messages

Back to Room ListRoom Version: 6