| 17 Jan 2024 |
|  OahzEgroeg changed their display name from George to george. | 02:18:56 |
| OahzEgroeg changed their display name from george to George. | 02:28:32 |
| OahzEgroeg set a profile picture. | 02:28:45 |
|  Swastik Baranwal set a profile picture. | 21:23:53 |
| 18 Jan 2024 |
|  @syntheit:matrix.org left the room. | 04:14:23 |
| 19 Jan 2024 |
|  @ThorHop:matrix.org changed their display name from hopland (meticulous montesquieu) to hopland (manners or stfu). | 05:11:41 |
| @ThorHop:matrix.org changed their display name from hopland (manners or stfu) to hopland. | 05:14:27 |
|  Room303 joined the room. | 07:05:53 |
| 20 Jan 2024 |
|  Nikke joined the room. | 21:32:42 |
 hexa | https://github.com/python-pillow/Pillow/releases/tag/10.2.0 | 23:49:32 |
 AkechiShiro | https://github.com/NixOS/nixpkgs/pull/282393 | 23:50:25 |
| 22 Jan 2024 |
| @ThorHop:matrix.org changed their display name from hopland to IdeallyYes. | 15:07:12 |
|  behelit joined the room. | 19:44:50 |
| 23 Jan 2024 |
|  @2xsaiko:tchncs.de changed their display name from 2xsaiko to Marco. | 17:54:56 |
| @2xsaiko:tchncs.de changed their display name from Marco to 2xsaiko. | 18:17:35 |
 @mtheil:scs.ems.host | OpenSSL will release new versions on 2024-01-30. | 19:34:25 |
| @mtheil:scs.ems.host | I think there are no news on the website until now. I subscribed to some public OpenSSL mailing lists. | 19:51:59 |
| @mtheil:scs.ems.host | * I think there are no news on the website until now. I’m subscribed to some public OpenSSL mailing lists. | 19:52:15 |
 felschr | https://github.com/NixOS/nixpkgs/pull/283289 | 22:07:51 |
| 24 Jan 2024 |
 vcunat | In reply to @mtheil:scs.ems.host
OpenSSL will release new versions on 2024-01-30. That's just for those low-severity issues announced previously? | 09:55:48 |
| @mtheil:scs.ems.host | Probably. The mail was just:
The OpenSSL project team would like to announce the upcoming release of
OpenSSL versions 3.2.1, 3.1.5 and 3.0.13.
We will be also releasing extended support OpenSSL versions 1.0.2zj and
1.1.1x which will be available to premium support customers.
These releases will be made available on Tuesday 30th January 2024
between 1300-1700 UTC.
These are security-fix releases. The highest severity issue fixed in
each of these releases is Low:
https://www.openssl.org/policies/secpolicy.html
Yours
The OpenSSL Project Team
| 10:03:15 |
| vcunat | OK. OpenSSL marking all "Low" implies that it won't be urgent, I think. | 10:06:37 |
| @mtheil:scs.ems.host | I'll open a PR timely after release, but it probably is not urgent. | 10:10:59 |
| AkechiShiro | Hi, should security fixes be backported usually on the stable release ?
Asking for https://github.com/NixOS/nixpkgs/pull/283179 related to https://nitter.net/_msw_/status/1749999077100855638#m | 12:35:54 |
| AkechiShiro | * Hi, should security fixes be backported usually on the stable release ? (I'd guess yes as long as it is not a major version change?)
Asking for https://github.com/NixOS/nixpkgs/pull/283179 related to https://nitter.net/_msw_/status/1749999077100855638#m | 12:37:49 |
| hexa | we could get away with just bumping minizip | 12:43:49 |
| hexa | but oh well, let me set up the backport | 12:50:36 |
 tgerbet | The minizip issue with the scary CVSS score was handled in https://github.com/NixOS/nixpkgs/pull/262722 | 16:42:53 |
|  octodi set a profile picture. | 19:06:44 |
| felschr | https://github.com/NixOS/nixpkgs/pull/283544 | 21:42:32 |
