!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

660 Members
Coordination and triage of security issues in nixpkgs | Discussions in #security-discuss:nixos.org | Open PRs: https://github.com/NixOS/nixpkgs/pulls?q=is%3Apr+is%3Aopen+sort%3Aupdated-desc+label%3A%221.severity%3A+security%22202 Servers

Load older messages

SenderMessageTime
24 Jan 2026
@hexa:lossy.networkhexaper https://peps.python.org/pep-0719/ that would be Feb 3rd20:36:07
@hexa:lossy.networkhexasame for 3.14 per https://peps.python.org/pep-0745/20:36:41
@vcunat:matrix.orgvcunatIt would be nice to get a review on libxml2 patching: https://github.com/NixOS/nixpkgs/pull/48084420:45:20
@vcunat:matrix.orgvcunat So that we can pull this stdenv rebuild into staging-next-25.11 soon. 20:45:48
25 Jan 2026
@cve:entropia.de@cve:entropia.de left the room.16:11:42
@hedgemage:unredacted.org@hedgemage:unredacted.org left the room.19:11:47
@tim:stratum0.orgdadada changed their profile picture.20:33:59
@tim:stratum0.orgdadada changed their profile picture.20:39:02
@tim:stratum0.orgdadada changed their profile picture.21:17:38
27 Jan 2026
@whispers:catgirl.cloudwhispers [& it/fae] changed their display name from whispers (it/fae) to whispers [& it/fae].02:51:44
@sigmasquadron:matrix.orgFernando RodriguesXSAs #477 and #479: https://github.com/NixOS/nixpkgs/pull/48437012:09:22
@tgerbet:matrix.orgtgerbetGnuPG with possible RCE https://www.openwall.com/lists/oss-security/2026/01/27/817:47:11
@tgerbet:matrix.orgtgerbetSame for OpenSSL https://www.openwall.com/lists/oss-security/2026/01/27/517:49:08
@tgerbet:matrix.orgtgerbetThe possible RCE does not impact the 2.4.x branch we are using apparently17:53:11
@vcunat:matrix.orgvcunatI'll update it.18:27:10
@vcunat:matrix.orgvcunathttps://github.com/NixOS/nixpkgs/pull/48446318:28:37
28 Jan 2026
@vcunat:matrix.orgvcunatOlder openssl branch: https://github.com/NixOS/nixpkgs/pull/48464107:37:03
@nina.fromm:cyberus-technology.deNina Fromm joined the room.16:52:59
30 Jan 2026
@os:matrix.flyingcircus.ioosnyx (he/him)The November grub2 security patches never made it into 25.11, only master and 25.05. https://github.com/NixOS/nixpkgs/pull/48529211:10:48
@hexa:lossy.networkhexa tgif, @K900 can you merge that with the kernel bumps? 12:44:04
@vcunat:matrix.orgvcunat I rebased it to staging-next-25.11 which should merge within a week. 12:48:08
@vcunat:matrix.orgvcunat(hopefully 4-5 days if we don't run into significant regressions)12:48:52
@vcunat:matrix.orgvcunat * I rebased it to staging-next-25.11 which should merge to release-25.11 within a week. 12:49:14
@vcunat:matrix.orgvcunat* (hopefully in 4-5 days if we don't run into significant regressions)12:49:20
31 Jan 2026
@hexa:lossy.networkhexahttps://github.com/NixOS/nixpkgs/pull/485632 expat14:14:01
1 Feb 2026
@sigmasquadron:matrix.orgFernando Rodrigues changed their display name from SigmaSquadron to Fernando Rodrigues.10:42:46
@aloisw:julia0815.de@aloisw:julia0815.de left the room.13:11:02
@riley.walligham:matrix.orgRiley Wallingham joined the room.18:06:04
@forynja:matrix.orgJackrabb1t joined the room.21:01:29
@matrix:03j.de@matrix:03j.de left the room.22:19:15

There are no newer messages yet.

Back to Room ListRoom Version: 6