| 21 Oct 2025 |
 dish [Fox/It/She] | of course its crypto coins >.> can never trust those projects to do anything right | 22:17:52 |
 hexa | 👉️ #security-discuss:nixos.org | 23:02:04 |
| 22 Oct 2025 |
 dotlambda | https://github.com/NixOS/nixpkgs/pull/454303 | 02:02:25 |
| hexa | https://seclists.org/oss-sec/2025/q4/68 bind9 | 16:14:45 |
| 23 Oct 2025 |
|  ramblurr joined the room. | 08:55:38 |
| hexa | https://www.openwall.com/lists/oss-security/2025/10/23/1 pdns | 16:13:53 |
| hexa | * https://www.openwall.com/lists/oss-security/2025/10/23/1 pdns-recursor | 16:13:55 |
| 24 Oct 2025 |
|  ⛧-440729 [sophie raven] (it/its) changed their display name from ⛧-440729 [sophie] (it/its) to ⛧-440729 [sophie raven] (it/its). | 06:10:51 |
| hexa | https://nvd.nist.gov/vuln/detail/CVE-2025-62813 lz4 | 10:26:42 |
 SigmaSquadron | XSA #476
master: https://github.com/NixOS/nixpkgs/pull/455255
release-25.05:https://github.com/NixOS/nixpkgs/pull/455256 | 12:42:27 |
| SigmaSquadron | * XSA #476
master: https://github.com/NixOS/nixpkgs/pull/455255
release-25.05: https://github.com/NixOS/nixpkgs/pull/455256 | 12:42:34 |
 vcunat | Those issues are private? | 13:38:51 |
| hexa | https://seclists.org/oss-sec/2025/q4/70? | 13:39:41 |
| hexa | I'm a security manager on the org and I can't see them either, so probably deleted? | 13:40:15 |
 Winter | i’m an org owner and cannot see them either, my guess is he typo’d? | 13:49:55 |
| Winter | i don’t think you can delete PRs like you can issues | 13:50:05 |
| vcunat | Surely typos. The numbers are significantly beyond what's allocated right now. | 13:52:58 |
 tnias | someone named sigmasquadron opened those:
https://github.com/NixOS/nixpkgs/pull/455225
https://github.com/NixOS/nixpkgs/pull/455226 | 13:53:36 |
 niklaskorz | Tarmageddon tracking issue: https://github.com/NixOS/nixpkgs/issues/455265
The "check manually" part is bigger than I'd have liked (script improvals welcome), but considering there are over 2000 packages that the script handled fine, I think it's still reasonably small. | 16:20:28 |
| 25 Oct 2025 |
| SigmaSquadron | * XSA #476
master: https://github.com/NixOS/nixpkgs/pull/455225
release-25.05: https://github.com/NixOS/nixpkgs/pull/455226 | 03:18:01 |
| SigmaSquadron | Whoops, yes. I wrote a 5 when I should've written a 2. Sorry about that; it was late and I went to bed shortly after posting. | 03:18:37 |
| SigmaSquadron | * | 03:18:50 |
| 26 Oct 2025 |
 tgerbet | https://github.com/NixOS/nixpkgs/pull/455943 | 17:42:44 |
| tgerbet | Disputed
https://github.com/NixOS/nixpkgs/pull/455945 | 17:43:13 |
| dotlambda | https://github.com/NixOS/nixpkgs/pull/455984 fixes two undisclosed vulnerabilities in ImageMagick | 19:40:54 |
| 27 Oct 2025 |
| dotlambda | https://github.com/NixOS/nixpkgs/pull/456046 probably fixes a vulnerability in Postfix but there is no official announcement yet | 01:55:21 |
| dotlambda | * https://github.com/NixOS/nixpkgs/pull/455984 fixes two undisclosed vulnerabilities in ImageMagick
EDIT: the vulnerability reports were now published | 01:56:01 |
| dotlambda | * https://github.com/NixOS/nixpkgs/pull/455984 fixes two undisclosed vulnerabilities in ImageMagick
EDIT: the vulnerability reports are now published | 01:56:16 |
|  Dustin Plattner changed their display name from Dustin to Dustin Plattner. | 02:57:36 |
|  ➡️@amadaluzia:unredacted.org joined the room. | 23:56:26 |
