6 Oct 2024 |
| @sofo:matrix.org left the room. | 15:22:36 |
| DerivationDingus changed their display name from bytebandit to DerivationDingus. | 19:43:28 |
7 Oct 2024 |
hexa | https://meta.discourse.org/t/3-3-2-security-and-maintenance-release/329341/1 | 13:29:31 |
8 Oct 2024 |
| schuelermine changed their profile picture. | 16:30:17 |
9 Oct 2024 |
emily | Tor/Mullvad Browser still need updating for the Firefox vulnerabilities | 20:35:53 |
emily | cc felschr | 20:36:25 |
Scrumplex | I assume tor-browser needs to be bumped to 13.5.7? | 20:37:06 |
hexa | floorp and librewolf as well | 20:37:24 |
Scrumplex | https://github.com/mullvad/mullvad-browser/releases/tag/13.5.7 | 20:37:34 |
Scrumplex | https://github.com/NixOS/nixpkgs/pull/347593 | 20:41:19 |
Scrumplex | https://github.com/NixOS/nixpkgs/pull/347594 | 20:45:01 |
Scrumplex | I couldn't quite determine if https://codeberg.org/librewolf/source/releases/tag/131.0.2-1 actually fixes the issue? The diff to the previous tag doesn't seem to change much? | 20:49:12 |
Scrumplex | Latest Floorp release is from 30. September 2024, so I guess there is no patched version
https://floorp.app/en/download?platform=linux | 20:51:20 |
hexa | 131.0.2 is the correct base version | 20:54:36 |
Scrumplex | Oh I just realized that LibreWolf is obviously following Mozilla's versioning ^^ | 20:55:12 |
hexa | dotlambda: ^ | 20:55:13 |
Scrumplex | librewolf-bin needs a bump too, but there is no AppImage release yet: https://gitlab.com/librewolf-community/browser/appimage/-/releases | 20:57:56 |
emily | In reply to @scrumplex:duckhub.io Latest Floorp release is from 30. September 2024, so I guess there is no patched version
https://floorp.app/en/download?platform=linux time for knownVulnerabilities | 20:58:26 |
emily | unless they act soon | 20:58:34 |
emily | not going to join their Discord, but from GitHub I don't see any sign they're even aware of the vulnerability | 20:59:05 |
emily | uh, thought this was #security-discuss:nixos.org though | 20:59:15 |
emily | Scrumplex: (maybe join ^?) | 21:03:26 |
Scrumplex | in the process of joining | 21:03:34 |
| @ereslibre:ereslibre.social joined the room. | 23:21:58 |
| @ereslibre:ereslibre.social left the room. | 23:24:07 |
| schuelermine changed their profile picture. | 23:46:36 |
10 Oct 2024 |
| @cf11:0x2c.org left the room. | 05:03:56 |
magic_rb | In reply to @scrumplex:duckhub.io librewolf-bin needs a bump too, but there is no AppImage release yet: https://gitlab.com/librewolf-community/browser/appimage/-/releases App images are out, currently not at a computer and wont be for a while | 08:03:23 |
emily | it's knownVulnerabilities already, so no rush. | 08:03:46 |
magic_rb | Fixing > knownVulnerabilities imho, so not a critical rush, but still would be nice to get it in asap
| 08:04:40 |