| 7 Oct 2025 |
 hexa | it is | 19:11:00 |
| hexa | can you run the build & test? | 19:12:02 |
| hexa | the PR template is a bit too empty for my taste | 19:12:20 |
 @enzime:nixos.dev | In reply to @hexa:lossy.network
can you run the build & test? I ran nixpkgs-review on both PRs which includes the NixOS VM tests succeeding | 19:13:22 |
| hexa | yeah, the PR template is the relevant bit to get an overview though | 19:13:46 |
| @enzime:nixos.dev | In reply to @hexa:lossy.network
yeah, the PR template is the relevant bit to get an overview though updated | 19:14:55 |
 mdaniels5757 | Mind taking a look at https://github.com/NixOS/nixpkgs/pull/448639? Backport to fix 4 CVEs: 2 unauthenticated vulns that allow reading arbitrary files, 2 authenticated vulns for RCE. | 22:34:06 |
| 8 Oct 2025 |
| @enzime:nixos.dev | hexa thanks for the review | 06:21:45 |
| @enzime:nixos.dev left the room. | 06:21:54 |
 j-k | https://seclists.org/oss-sec/2025/q4/18
Go 1.24.8 and 1.25.2
These minor releases include 10 security fixes
| 08:08:32 |
 K900 | Merged on staging-next minutes ago | 08:09:22 |
|  Felix Schröter changed their display name from Felix Schröter (🌄 29.09. – 05.10.) to Felix Schröter. | 13:09:33 |
| 9 Oct 2025 |
|  srhb set a profile picture. | 07:08:03 |
|  Stefan Nürnberger joined the room. | 09:39:25 |
|  @notgne2:wizbos.club left the room. | 20:10:13 |
| 10 Oct 2025 |
 niklaskorz | https://nvidia.custhelp.com/app/answers/detail/a_id/5703/~/security-bulletin%3A-nvidia-gpu-display-drivers---october-2025 | 12:25:46 |
| niklaskorz | version we're shipping as legacy_535 is again affected but I haven't checked yet if the CVE is relevant to NixOS | 12:26:05 |
| niklaskorz | (personally I'd be in favor of dropping 535 for NixOS 25.11, the only user I'm aware of is @doronbehar, who's not in this channel I think; but we can discuss that in #security-discuss:nixos.org) | 12:26:53 |
| niklaskorz | 570 driver version we're shipping on 25.05 (570.153.02) is also vulnerable (570.195.03 is available with the fixes) | 12:28:32 |
| niklaskorz | default driver on unstable is not affected / already has the fixes | 12:29:15 |
 leona | found a not maintained TLS impl version (mbedtls), marked as vulnerable for now: https://github.com/NixOS/nixpkgs/pull/450688 | 14:25:34 |
| leona | * found a not maintained TLS impl version (mbedtls_2), marked as vulnerable for now: https://github.com/NixOS/nixpkgs/pull/450688 | 14:26:09 |
| niklaskorz | https://github.com/NixOS/nixpkgs/pull/450729 | 16:48:13 |
| 11 Oct 2025 |
|  midischwarz12 joined the room. | 21:01:41 |
| 12 Oct 2025 |
| midischwarz12 removed their profile picture. | 02:45:02 |
| midischwarz12 set a profile picture. | 02:45:11 |
|  Anton (he/him) changed their display name from Anton to Anton (he/him). | 13:18:01 |
| 13 Oct 2025 |
| niklaskorz | nvidia 535 update with beforementioned CVE fixes:
https://github.com/NixOS/nixpkgs/pull/451618 | 09:43:33 |
| hexa | https://seclists.org/oss-sec/2025/q4/26 | 21:54:56 |
| hexa | * https://seclists.org/oss-sec/2025/q4/26 boringssl | 21:55:02 |
