| 29 May 2025 |
 hexa | bceause only even minor versions are stable | 17:33:38 |
| hexa | and the update is not straightforward | 17:33:43 |
| hexa | https://github.com/NixOS/nixpkgs/pull/411875 | 17:34:06 |
 Grimmauld (any/all) | uh oh, didn't realize the module needed changing to allow clean updates.... Indeed, not straight-forward, and thanks for explaining :) | 17:35:53 |
| Grimmauld (any/all) | https://github.com/NixOS/nixpkgs/pull/412147
I was already poking systemd for udev stuff earlier today, have the bump pr :)
I tested nixos tests, i did not try to repro the vuln to see if it is truly fixed now.
| 18:41:42 |
| Grimmauld (any/all) | * https://github.com/NixOS/nixpkgs/pull/412147
I was already poking systemd for udev stuff earlier today, have the bump pr :)
i did not try to repro the vuln to see if it is truly fixed now.
| 18:44:10 |
| 30 May 2025 |
 stigo | https://github.com/NixOS/nixpkgs/pull/412233 (considered to be low-medium severity) | 03:39:03 |
 leona | what about backports? just apply to 25.05 and 24.11? | 09:06:59 |
| stigo | In reply to @leona:leona.is
what about backports? just apply to 25.05 and 24.11? Yeah should work fine | 09:58:12 |
| Grimmauld (any/all) | https://github.com/NixOS/nixpkgs/pull/412367
it has been done
Was an absolute pain to make these patches apply properly, i think i didn't horribly butcher anything - review appreciated.
| 14:47:23 |
|  DerivationDingus set a profile picture. | 19:53:54 |
| DerivationDingus changed their profile picture. | 19:55:16 |
| 31 May 2025 |
| Grimmauld (any/all) | https://github.com/jqlang/jq/issues/3327#issuecomment-2924552289
So uh - do we discard builds for this? Or do we fix that next cycle? | 07:15:02 |
 K900 | We barely have builds | 07:17:19 |
| K900 | Send it | 07:17:20 |
| Grimmauld (any/all) | I mean, its bootstrap, soo..... | 07:29:11 |
| Grimmauld (any/all) | but will do | 07:29:19 |
| Grimmauld (any/all) | https://github.com/NixOS/nixpkgs/pull/412590 | 07:37:21 |
|  fhluit87 joined the room. | 12:53:13 |
| 2 Jun 2025 |
|  @bweeks:matrix.org left the room. | 06:01:47 |
| 3 Jun 2025 |
| hexa | https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10 @ma27
https://github.com/NixOS/nixpkgs/pull/412940 | 01:11:03 |
 ma27 | expect a merge today. sorry was in the traveling last weekend and it didn't fit yesterday. | 05:13:17 |
|  yadov3k joined the room. | 12:12:31 |
|  themadbit joined the room. | 18:26:39 |
 Morgan (@numinit) | Samba https://www.samba.org/samba/security/CVE-2025-0620.html | 20:02:40 |
| Morgan (@numinit) | Seems to only apply to 4.21, though. So we may be fine? | 20:04:44 |
| 4 Jun 2025 |
 teutat3s | New electron releases with fixes for CVE-2025-5419 are available, I'll get to creating a PR later today. | 13:13:22 |
| hexa | https://curl.se/docs/CVE-2025-5399.html 8.14.1 | 14:07:26 |
| hexa | * https://curl.se/docs/CVE-2025-5399.html 8.14.1 Scrumplex | 14:07:33 |
 Scrumplex | https://github.com/NixOS/nixpkgs/pull/413896 | 14:08:13 |
