| 21 Mar 2026 |
 emily | perhaps revert for now? | 14:12:53 |
 K900 | @ElvishJerricco has a fix | 14:20:44 |
 ElvishJerricco | If no one's going to review it then I guess we just revert though | 14:21:15 |
| ElvishJerricco | I'd merge because I'm reasonably sure of the fix. But plausibly the original PR did it that way for some reason and the author / reviewers of it should chime in. I mean I think that's unlikely but that's one reason I haven't just self-merged it | 14:22:52 |
| emily | we had a fix 20 hours ago, we could have merged a revert like 24 hours ago | 14:31:17 |
 vcunat | Rebuilding all tests takes a while, but yes. | 14:39:49 |
| vcunat | * Rebuilding all tests takes a while, but yes.
(at least I assume that the fix wouldn't rebuild most tests) | 14:55:56 |
| vcunat | I guess we revert for now:
https://github.com/NixOS/nixpkgs/pull/501963 | 15:01:56 |
| 23 Mar 2026 |
 dish [Fox/It/She] | Closes 10 currently open security issues for siyuan https://github.com/NixOS/nixpkgs/pull/502753 | 18:20:37 |
| 24 Mar 2026 |
 leona | https://github.com/NixOS/nixpkgs/pull/503140 nginx | 20:11:50 |
| dish [Fox/It/She] | https://nodejs.org/en/blog/vulnerability/march-2026-security-releases | 21:38:22 |
| dish [Fox/It/She] | nodejs | 21:38:23 |
| dish [Fox/It/She] | 2 high, 5 medium, 2 low severity CVEs | 21:40:58 |
| dish [Fox/It/She] | 24.x and earlier are only affected by 4 of the medium vulns, but all of the high and low ones as well | 21:41:24 |
| dish [Fox/It/She] | PR submitted for all 4 versions https://github.com/NixOS/nixpkgs/pull/503168 | 21:48:49 |
 whispers [& it/fae] | aduh95 did this in #503151, #503152, #503153, and #503154 | 21:50:46 |
| whispers [& it/fae] | * aduh95 did this in #503151, #503152, #503153, and #503154. all are already merged. 24 to staging, the rest to master. | 21:50:59 |
| dish [Fox/It/She] | my apologies, didn't see those. Thank you! | 21:51:30 |
| 25 Mar 2026 |
 Fernando Rodrigues | https://xenbits.xenproject.org/xsa/advisory-482.html XSA targetting a Linux driver | 01:04:14 |
| Fernando Rodrigues | * | 01:04:31 |
| Fernando Rodrigues | I'm not entirely sure how to patch out kernels though | 01:04:55 |
| Fernando Rodrigues | * | 01:05:00 |
 Alyssa Ross | Presumably mainline will have the patch at some point? | 06:37:24 |
| Alyssa Ross | but maybe we should askā¦ | 06:41:23 |
| Fernando Rodrigues | it will; this would be about patching ahead of schedule. We do that for Xen since minor version bumps take forever to release, but I'm not sure how we do things in the kernel. | 06:56:21 |
| Alyssa Ross | stable kernels are weekly, but this patch has not even been posted to a kernel list yet | 06:58:51 |
| Alyssa Ross | ah but it was committed directly to Linus's tree, good | 07:01:17 |
| Alyssa Ross | so generally it will be in 7.0-rc6 on Sunday, and then stable kernels the following Friday. | 07:01:55 |
| Alyssa Ross | but in this case, I already see them in the stable kernel queue, so they're likely to make it into this Friday's instead | 07:04:21 |
| Fernando Rodrigues | awesome | 07:42:27 |
