| 24 Sep 2025 |
 lennart | * Zammad release notes are yet to be released, I guess that will open in the next 2-4 hours https://github.com/NixOS/nixpkgs/pull/445709 | 05:28:51 |
| lennart | there is a fix to one security problem included, that I discovered. but they also had more disclosure processes involved in that release. | 05:33:13 |
 Markus Theil | OpenSSL Release Announcement
The OpenSSL project team would like to announce the upcoming release of
OpenSSL Library versions 3.5.4, 3.4.3, 3.3.5, 3.2.5 and 3.0.18.
We will also be releasing extended support for OpenSSL Library versions 1.0.2zm and 1.1.1zd, which will be available to premium support customers.
These releases will be made available on Tuesday, 30th September 2025, between 1300 and 1700 UTC.
These are security-fix releases. The highest severity issue fixed in each of these releases is Moderate:
https://openssl-library.org/policies/general/security-policy/index.html
Yours
The OpenSSL Project Team
| 07:27:04 |
| Markus Theil | I'd like to skip 3.5.3 and directly bump to 3.5.4 and 3.0.18. | 07:27:56 |
| lennart | In reply to @lennart:0520.ch
Zammad release notes are yet to be released, I guess that will open in the next 2-4 hours https://github.com/NixOS/nixpkgs/pull/445709 three Security Advisories linkes
- https://zammad.com/en/advisories/zaa-2025-07
- https://zammad.com/en/advisories/zaa-2025-08
- https://zammad.com/en/advisories/zaa-2025-09 | 09:55:49 |
| lennart | * three Security Advisories linked
- https://zammad.com/en/advisories/zaa-2025-07
- https://zammad.com/en/advisories/zaa-2025-08
- https://zammad.com/en/advisories/zaa-2025-09
| 09:56:01 |
| 30 Sep 2025 |
 hexa | https://www.freeipa.org/release-notes/4-12-5.html | 16:03:10 |
| hexa | released a few hours ago | 16:04:56 |
| hexa | https://github.com/NixOS/nixpkgs/pull/447512 | 16:06:54 |
|  NixOS Moderation Bot banned  @joepie91:pixie.town (divsive behavior). | 19:23:47 |
|  @saiko:knifepoint.net left the room. | 19:27:19 |
| 1 Oct 2025 |
| Markus Theil | https://github.com/NixOS/nixpkgs/pull/447713 | 11:52:59 |
| Markus Theil | Will do the backport for 25.05 later today. | 11:53:08 |
| Markus Theil | (currently at work) | 11:54:05 |
| Markus Theil | OpenSSL 3.6 was released some minutes ago. Shall we directly switch 3.5.2 -> 3.6.0 in unstable? | 18:22:35 |
|  @magic_rb:matrix.redalder.org left the room. | 18:23:17 |
 K900 | staging, but presumably yes? | 18:25:55 |
| K900 | Unless it breaks shit again | 18:25:58 |
| K900 | Which openssl minor updates tend to | 18:26:03 |
 Grimmauld (any/all) | I am also still waiting for github.com/HDFGroup/hdf5/milestone/10, they pushed it back from sep 29th to nov 3rd, which is a pain. There is security fixes in there, and i somewhat doubt it'll get upstream backports to 1.14.x.... | 18:28:47 |
| Markus Theil | https://github.com/NixOS/nixpkgs/pull/447808 | 18:56:39 |
| Markus Theil | I'm currently doing some short smoke tests on the backport branch. | 18:56:55 |
| 3 Oct 2025 |
|  soundhead joined the room. | 05:12:02 |
| hexa | https://www.fetchmail.info/fetchmail-SA-2025-01.txt | 20:22:39 |
| hexa | * https://www.fetchmail.info/fetchmail-SA-2025-01.txt no maintainer | 20:22:57 |
 dish [Fox/It/She] | I'd drop if there's no maintainer and security problems. It's not used anywhere in-tree, so 🤷 | 20:47:27 |
| dish [Fox/It/She] | yeah fetchmail_7 hasn't been updated since it was added to the tree in 2022, and fetchmail lost its only maintainer in 2021, and only got updates thanks to r-ryantm. | 20:49:05 |
| dish [Fox/It/She] | yeah fetchmail_7 hasn't been updated since it was added to the tree in 2022, and fetchmail lost its only maintainer in 2021, and only got updates thanks to r-ryantm. | 20:49:11 |
| dish [Fox/It/She] | i think a drop would be the best choice, since it doesnt seem that anyone cares about it | 20:49:24 |
| dish [Fox/It/She] | no open issues for it either, so if it doesn't build no one's reported it. | 20:49:59 |
