| 12 Oct 2023 |
 ⛧-440729 [sophie raven] (it/its) | Can someone please review and merge the PR for curl 8.4.0? https://github.com/NixOS/nixpkgs/pull/260378 | 06:42:30 |
|  ajs124 changed their profile picture. | 21:42:48 |
| 13 Oct 2023 |
 AkechiShiro | Redacted or Malformed Event | 15:21:14 |
| AkechiShiro | Here is an oss-security mail that has a lot of advisory compiled in : https://www.openwall.com/lists/oss-security/2023/10/10/6 | 15:22:24 |
| AkechiShiro | * Here is an oss-security mail that has a lot of advisory compiled in (so we have a better idea which software needs an update or not) : https://www.openwall.com/lists/oss-security/2023/10/10/6 | 15:22:41 |
| AkechiShiro | I see even more links here : https://www.cve.org/CVERecord?id=CVE-2023-44487
But some are not strictly about open source software, might also be of help | 16:09:38 |
| 14 Oct 2023 |
|  leifb joined the room. | 09:22:09 |
| 15 Oct 2023 |
|  meet changed their display name from meet to meetm. | 07:05:59 |
|  Pratham Patel changed their display name from Pratham Patel to Pratham Patel (you can mention me). | 07:24:16 |
 K900 | https://exim.org/static/doc/security/CVE-2023-zdi.txt | 20:35:06 |
| K900 | Five billion CVEs in exim | 20:35:12 |
 hexa | ajs124: | 20:40:26 |
| hexa | pretty sure these aren't new | 20:40:40 |
| K900 | Some aren't | 20:41:51 |
| K900 | But there's some bonus new ones | 20:41:54 |
| ajs124 | In reply to @hexa:lossy.network
pretty sure these aren't new they aren't, but the fixes are new https://github.com/NixOS/nixpkgs/pull/261279 | 21:07:31 |
| 17 Oct 2023 |
|  camocatx joined the room. | 21:51:51 |
| 18 Oct 2023 |
|  @sptz:matrix.org joined the room. | 06:01:15 |
 @mtheil:scs.ems.host | The OpenSSL project team would like to announce the upcoming release of
OpenSSL versions 3.1.4 and 3.0.12.
These releases will be made available on Tuesday 24th October 2023
between 1300-1700 UTC.
These are security-fix releases. The highest severity issue fixed in
each of these two releases is Moderate:
| 11:46:16 |
|  ghishadow changed their profile picture. | 12:52:11 |
| 19 Oct 2023 |
 delroth | Apache 2.4.58: https://downloads.apache.org/httpd/CHANGES_2.4.58 (CVE-2023-45802, CVE-2023-43622, CVE-2023-31122) | 14:35:04 |
| delroth | * Apache 2.4.58: https://downloads.apache.org/httpd/CHANGES_2.4.58 (CVE-2023-45802, CVE-2023-43622, CVE-2023-31122)
https://github.com/NixOS/nixpkgs/pull/262075 | 14:35:44 |
| 20 Oct 2023 |
 Lun | Recent zlib CVE, don't know if this needs patched quickly
https://nvd.nist.gov/vuln/detail/CVE-2023-45853 https://github.com/madler/zlib/pull/843 | 00:13:19 |
|  @ninjatrappeur:alternativebit.fr changed their display name from NinjaTrappeur to PicNoir (was Ninjatrappeur). | 10:33:36 |
|  @julian:nekover.se changed their display name from Julian to miau. | 15:05:16 |
| @julian:nekover.se changed their display name from miau to Julian. | 15:07:31 |
| 21 Oct 2023 |
|  pbsds joined the room. | 10:17:11 |
|  Mikael Fangel changed their display name from rwx-rwx-rwx to Mikael Fangel. | 17:15:39 |
| Mikael Fangel set a profile picture. | 17:22:09 |
| 22 Oct 2023 |
 tgerbet | In reply to @lt1379:matrix.org
Recent zlib CVE, don't know if this needs patched quickly
https://nvd.nist.gov/vuln/detail/CVE-2023-45853 https://github.com/madler/zlib/pull/843 It only impacts minizip and not zlib itself
https://github.com/NixOS/nixpkgs/pull/262722
| 11:19:25 |
