| 25 Aug 2025 |
 lennart | already wrote hexa, I guess he's sleeping or busy :) https://github.com/orgs/NixOS/people/security_managers | 09:33:22 |
| lennart | lassulus did the dead, thanks | 09:35:17 |
 SigmaSquadron | we should consider that security vulnerability leaked to the public already, as there may be an archive of the deleted issue. | 09:49:01 |
| SigmaSquadron | * | 09:49:15 |
 tgerbet | Upstream should consider the issue public. Information is likely still accessible in GitHub events
Full disclosure is better than half disclosed (and apparently the tendency these days is to publish emboarged issues on public ML 🫠) | 10:27:45 |
| lennart | It's not related to nixpkgs, only upstream. | 10:28:01 |
| lennart | I see your point, but it'd let upstream cover and decide on that. | 10:28:27 |
| lennart | Nonetheless, they'll apply for an CVE number :b | 10:28:38 |
 raitobezarius | If upstream doesn't do full disclosure, this is a very bad look on them for what seems to be a minor issue. | 10:28:56 |
| lennart | What do you mean by half and full disclosure? Lets move to the discussion channel? | 10:29:44 |
| 27 Aug 2025 |
|  martijn joined the room. | 13:58:51 |
| 28 Aug 2025 |
 hexa | https://github.com/storaged-project/udisks/security/advisories/GHSA-742q-gggc-473g udisks Jan Tojnar | 20:55:32 |
| hexa | https://www.openwall.com/lists/oss-security/2025/08/28/1
https://www.openwall.com/lists/oss-security/2025/08/28/2 | 20:55:56 |
| hexa | * https://www.openwall.com/lists/oss-security/2025/08/28/1 | 20:56:07 |
| 29 Aug 2025 |
|  @bluebirdlamentations:matrix.org left the room. | 16:13:53 |
|  @magic_rb:matrix.redalder.org changed their profile picture. | 19:27:40 |
| 30 Aug 2025 |
| tgerbet | SigmaSquadron: https://xenbits.xen.org/xsa/advisory-471.html
Is this taken into account by the Xen team? | 11:13:23 |
| SigmaSquadron | uh I already fixed 471 I think | 11:40:39 |
| SigmaSquadron | yeah that's the big one | 11:41:13 |
| SigmaSquadron | we just updated to the latest branch heads and then updated to 4.20.1 when it released | 11:41:36 |
| SigmaSquadron | ditto for 4.19.x on stable | 11:41:57 |
| SigmaSquadron | Yes, just confirmed that both 25.05 and 25.11 have all the patches for XSA 471. | 11:49:37 |
| 31 Aug 2025 |
|  @alper-celik:matrix.org left the room. | 16:00:07 |
| 1 Sep 2025 |
|  Lun changed their display name from lun to Lun. | 15:55:15 |
| 2 Sep 2025 |
|  @aidalgol:tchncs.de joined the room. | 21:55:24 |
| 3 Sep 2025 |
|  ghpzin joined the room. | 07:30:05 |
| 4 Sep 2025 |
| @aidalgol:tchncs.de changed their display name from Aidan Gauland to aidalgol[m]. | 11:23:25 |
| @aidalgol:tchncs.de changed their display name from aidalgol[m] to aidalgol. | 11:24:11 |
| 5 Sep 2025 |
|  Chris Norman set a profile picture. | 15:05:04 |
| Chris Norman changed their profile picture. | 15:05:17 |
