10 Oct 2024 |
Scrumplex | I can create a PR right away ^^ | 08:04:57 |
Scrumplex | In reply to @scrumplex:duckhub.io I can create a PR right away ^^ https://github.com/NixOS/nixpkgs/pull/347690 | 08:12:56 |
Scrumplex | Also, I have built the new Floorp version here: https://github.com/NixOS/nixpkgs/pull/347677
Should be ready to merge | 08:13:30 |
14 Oct 2024 |
Scrumplex | https://github.com/NixOS/nixpkgs/pull/347342 | 19:50:04 |
15 Oct 2024 |
| dish [Fox/It/She] joined the room. | 07:35:53 |
teutat3s | https://github.com/NixOS/nixpkgs/pull/348779 | 12:14:33 |
16 Oct 2024 |
| @eisfunke:eisfunke.com left the room. | 13:35:57 |
17 Oct 2024 |
| Mic92 changed their display name from Mic92 to Mic3000. | 06:51:17 |
| Mic92 changed their display name from Mic3000 to Mic3000 🌋. | 06:51:46 |
| Mic92 changed their display name from Mic3000 🌋 to Mic92. | 12:22:31 |
Tom | Looks like Grafana is doing some sort of securtiy update https://github.com/grafana/grafana/releases https://github.com/grafana/grafana/tags
Usually it takes them a few hours until all tags have releases. Haven't looked into what they've fixed | 17:46:51 |
Scrumplex | The mentioned vulnerability hasn't been disclosed yet it seems
https://nvd.nist.gov/vuln/detail/CVE-2024-9264 | 17:48:09 |
ma27 | (grafana maintainer here) seen it and keeping an eye on my notifications. | 17:49:20 |
Scrumplex | While we are at the topic of upcoming security fixes. OpenSSL has disclosed a low severity issue here: https://openssl-library.org/news/secadv/20241016.txt
They haven't released an update yet as the issue isn't deemed important. | 17:51:05 |
ma27 | for grafana: https://github.com/NixOS/nixpkgs/pull/349364
no release for 10.4 yet (on 24.05), so not sure if it's even affected, but I'll monitor. | 21:08:53 |
19 Oct 2024 |
| ·☽•Nameless☆•777 · ± changed their profile picture. | 19:11:37 |
20 Oct 2024 |
| meebey aka Mirco Bauer joined the room. | 02:46:43 |
| Georgiy Shevoroshkin joined the room. | 20:07:29 |
21 Oct 2024 |
adamcstephens | https://guix.gnu.org/blog/2024/build-user-takeover-vulnerability/ | 12:17:09 |
adamcstephens | cafkafk has a number of accounts but maybe this one is active? | 12:25:52 |
cafkafk | Yup | 12:26:18 |
cafkafk | This one also is | 12:26:23 |
| cafkafk 🏳️⚧️ joined the room. | 12:28:53 |
emily | (do they not realize it's identical to the recent Nix vulnerability or are they just avoiding mentioning it?) | 13:43:52 |
hexa | Theophane had been reaching out to Ludo on a few occasions, but now that he is gone no idea if that still happens s | 14:07:52 |
hexa | * | 14:07:57 |
Fabián Heredia | In reply to @emilazy:matrix.org (do they not realize it's identical to the recent Nix vulnerability or are they just avoiding mentioning it?) probably from a PR standpoint there are downsides and no upsides to making that mention/parallel. | 18:15:02 |
SigmaSquadron | In reply to @fabianhjr:matrix.org probably from a PR standpoint there are downsides and no upsides to making that mention/parallel. does guix even publicly acknowledge its status as a fork of Nix? | 18:54:41 |
K900 | It's not really a fork anymore | 19:11:04 |
K900 | It diverged so far to effectively be its own thing | 19:11:19 |