| 7 Oct 2025 |
|  martijn set a profile picture. | 10:56:00 |
|  @enzime:nixos.dev joined the room. | 18:47:34 |
| @enzime:nixos.dev | anyone want to review my stable backports for Matrix homeservers? | 18:48:16 |
| @enzime:nixos.dev | https://github.com/NixOS/nixpkgs/pull/448579 | 18:48:21 |
| @enzime:nixos.dev | https://github.com/NixOS/nixpkgs/pull/448558 | 18:48:27 |
| @enzime:nixos.dev | these packages have tests which pass | 18:48:54 |
 dish [Fox/It/She] | #Nixpkgs Review Requests | 19:01:12 |
| @enzime:nixos.dev | these include a security release so I thought it would be relevant to post here | 19:02:24 |
| @enzime:nixos.dev | https://matrix.org/blog/2025/08/security-release/ | 19:02:46 |
 hexa | it is | 19:11:00 |
| hexa | can you run the build & test? | 19:12:02 |
| hexa | the PR template is a bit too empty for my taste | 19:12:20 |
| @enzime:nixos.dev | In reply to @hexa:lossy.network
can you run the build & test? I ran nixpkgs-review on both PRs which includes the NixOS VM tests succeeding | 19:13:22 |
| hexa | yeah, the PR template is the relevant bit to get an overview though | 19:13:46 |
| @enzime:nixos.dev | In reply to @hexa:lossy.network
yeah, the PR template is the relevant bit to get an overview though updated | 19:14:55 |
 mdaniels5757 | Mind taking a look at https://github.com/NixOS/nixpkgs/pull/448639? Backport to fix 4 CVEs: 2 unauthenticated vulns that allow reading arbitrary files, 2 authenticated vulns for RCE. | 22:34:06 |
| 8 Oct 2025 |
| @enzime:nixos.dev | hexa thanks for the review | 06:21:45 |
| @enzime:nixos.dev left the room. | 06:21:54 |
 j-k | https://seclists.org/oss-sec/2025/q4/18
Go 1.24.8 and 1.25.2
These minor releases include 10 security fixes
| 08:08:32 |
 K900 | Merged on staging-next minutes ago | 08:09:22 |
|  Felix Schröter changed their display name from Felix Schröter (🌄 29.09. – 05.10.) to Felix Schröter. | 13:09:33 |
| 9 Oct 2025 |
|  srhb set a profile picture. | 07:08:03 |
|  Stefan Nürnberger joined the room. | 09:39:25 |
|  @notgne2:wizbos.club left the room. | 20:10:13 |
| 10 Oct 2025 |
 niklaskorz | https://nvidia.custhelp.com/app/answers/detail/a_id/5703/~/security-bulletin%3A-nvidia-gpu-display-drivers---october-2025 | 12:25:46 |
| niklaskorz | version we're shipping as legacy_535 is again affected but I haven't checked yet if the CVE is relevant to NixOS | 12:26:05 |
| niklaskorz | (personally I'd be in favor of dropping 535 for NixOS 25.11, the only user I'm aware of is @doronbehar, who's not in this channel I think; but we can discuss that in #security-discuss:nixos.org) | 12:26:53 |
| niklaskorz | 570 driver version we're shipping on 25.05 (570.153.02) is also vulnerable (570.195.03 is available with the fixes) | 12:28:32 |
| niklaskorz | default driver on unstable is not affected / already has the fixes | 12:29:15 |
 leona | found a not maintained TLS impl version (mbedtls), marked as vulnerable for now: https://github.com/NixOS/nixpkgs/pull/450688 | 14:25:34 |
