| 24 Oct 2025 |
 niklaskorz | Tarmageddon tracking issue: https://github.com/NixOS/nixpkgs/issues/455265
The "check manually" part is bigger than I'd have liked (script improvals welcome), but considering there are over 2000 packages that the script handled fine, I think it's still reasonably small. | 16:20:28 |
| 25 Oct 2025 |
 SigmaSquadron | * XSA #476
master: https://github.com/NixOS/nixpkgs/pull/455225
release-25.05: https://github.com/NixOS/nixpkgs/pull/455226 | 03:18:01 |
| SigmaSquadron | Whoops, yes. I wrote a 5 when I should've written a 2. Sorry about that; it was late and I went to bed shortly after posting. | 03:18:37 |
| SigmaSquadron | * | 03:18:50 |
| 26 Oct 2025 |
 tgerbet | https://github.com/NixOS/nixpkgs/pull/455943 | 17:42:44 |
| tgerbet | Disputed
https://github.com/NixOS/nixpkgs/pull/455945 | 17:43:13 |
 dotlambda | https://github.com/NixOS/nixpkgs/pull/455984 fixes two undisclosed vulnerabilities in ImageMagick | 19:40:54 |
| 27 Oct 2025 |
| dotlambda | https://github.com/NixOS/nixpkgs/pull/456046 probably fixes a vulnerability in Postfix but there is no official announcement yet | 01:55:21 |
| dotlambda | * https://github.com/NixOS/nixpkgs/pull/455984 fixes two undisclosed vulnerabilities in ImageMagick
EDIT: the vulnerability reports were now published | 01:56:01 |
| dotlambda | * https://github.com/NixOS/nixpkgs/pull/455984 fixes two undisclosed vulnerabilities in ImageMagick
EDIT: the vulnerability reports are now published | 01:56:16 |
|  Dustin Plattner changed their display name from Dustin to Dustin Plattner. | 02:57:36 |
|  ➡️@amadaluzia:unredacted.org joined the room. | 23:56:26 |
| 28 Oct 2025 |
 K900 | https://www.phoronix.com/news/X.Org-Server-3-Vuln-Oct-2025 Xorg again | 13:49:07 |
| K900 | xwayland: https://github.com/NixOS/nixpkgs/pull/456494
Someone else do xorgserver please my brain is very mush | 16:47:49 |
|  zitrone joined the room. | 23:41:42 |
| 29 Oct 2025 |
 mdaniels5757 | Backport, approved by maintainer and containing security fixes: https://github.com/NixOS/nixpkgs/pull/455570 | 00:54:25 |
| 2 Nov 2025 |
|  amadaluzia joined the room. | 22:34:47 |
| ➡️@amadaluzia:unredacted.org changed their display name from amadaluzia to ➡️@amadaluzia:unredacted.org. | 22:48:07 |
| 4 Nov 2025 |
|  cafkafk changed their profile picture. | 08:22:52 |
 hexa | https://seclists.org/oss-sec/2025/q4/127 curl | 13:24:04 |
 Grimmauld (any/all) | 8.17.0 is scheduled to be released tomorrow, i don't think we can do anything yet | 13:26:52 |
| K900 | Do we yeet the cycle again then | 13:27:48 |
 vcunat | Severity isn't mentioned yet? | 13:38:00 |
| vcunat | * Severity isn't mentioned yet? (I fail to see it) | 13:38:06 |
| vcunat | Ah, now I see "Moderate". | 13:39:04 |
| vcunat | Either way, 25.05 seems more of a concern than master/unstable. | 13:40:37 |
|  somasis joined the room. | 19:08:23 |
|  whispers (it/fae) joined the room. | 20:15:04 |
|  Alex Stephan joined the room. | 20:17:01 |
|  PhiliPdB joined the room. | 22:13:31 |
