| 21 Jul 2025 |
 emily | In reply to @jonhermansen:matrix.org
I updated MS Edge, then saw it addresses recent Chromium vuln: https://github.com/NixOS/nixpkgs/pull/426714 looks like the automated backport failed, so stable is still vulnerable | 12:42:39 |
| 22 Jul 2025 |
 jonhermansen | Thank you @mdaniels5757 for backporting it. I tested and approved it but can't merge it. https://github.com/NixOS/nixpkgs/pull/427270 | 02:15:02 |
| jonhermansen | Thank you @mdaniels5757 for backporting it. I reviewed, tested and approved it but can't merge it. https://github.com/NixOS/nixpkgs/pull/427270 | 02:16:24 |
| emily | Redacted or Malformed Event | 02:17:50 |
| emily | oops | 02:17:52 |
| emily | 😅 there's a reason we have the "browsers have committer among maintainers" rule | 02:18:14 |
| emily | (but unfortunately the committer who volunteered for Edge hasn't reviewed/merged any PRs) | 02:18:30 |
| jonhermansen | Thanks emily. Is there anything else I should do there? | 02:20:44 |
| emily | just have to wait for someone to merge. but in the long run there'll need to be an active committer involved in the package to sustainably merge security updates; pretty much every browser update has CVEs. (should probably move to #security-discuss:nixos.org for extended discussion) | 02:23:29 |
| 23 Jul 2025 |
|  implr set a profile picture. | 10:57:46 |
| implr changed their profile picture. | 11:21:44 |
 transcaffeine | https://github.com/NixOS/nixpkgs/pull/427778 snipe-it (due to livewire's CVE-2025-54068) | 15:46:29 |
 Grimmauld (any/all) | Marking all the libsoup_2_4 vulnerabilities:
https://github.com/NixOS/nixpkgs/pull/427813
(following the conversation in #dev:nixos.org ) | 17:31:29 |
| Grimmauld (any/all) | * Marking all the libsoup_2_4 vulnerabilities, should wait for Jan to ack this:
https://github.com/NixOS/nixpkgs/pull/427813
(following the conversation in #dev:nixos.org ) | 17:31:46 |
| Grimmauld (any/all) | * Marking all the libsoup_2_4 vulnerabilities, should wait for Jan Tojnar to ack this but figured i might as well put it here:
https://github.com/NixOS/nixpkgs/pull/427813
(following the conversation in #dev:nixos.org ) | 17:32:04 |
| 24 Jul 2025 |
 tgerbet | GLIBC-SA-2025-0005 cc ma27
https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2025-0005;h=8bcccc59a546800624576e3a835b759d9ad1f1e0;hb=HEAD
| 06:53:09 |
 vcunat | This doesn't seem very serious, fortunately. | 07:01:27 |
 ma27 | preparing an update anyways. | 08:06:33 |
 h0nig2k | does someone already have sqlite CVE 9.8 CVE-2025-6965 this on his/her radar? https://github.com/NixOS/nixpkgs/issues/428033 | 12:30:15 |
| h0nig2k | * does someone already have sqlite CVE 7.2 CVE-2025-6965 this on his/her radar? https://github.com/NixOS/nixpkgs/issues/428033 | 12:30:58 |
 K900 | Please search existing PRs before posting: https://github.com/NixOS/nixpkgs/pull/420837 | 12:32:02 |
| h0nig2k | @K900 the PR is for unstable, the issue was created for 25.05 | 13:30:59 |
| ma27 | In reply to @ma27:nicht-so.sexy
preparing an update anyways. https://github.com/NixOS/nixpkgs/pull/428072 | 14:20:38 |
|  @xayomer:kif.rocks left the room. | 16:09:16 |
