| 5 Oct 2023 |
|  @aloisw:kde.org joined the room. | 14:49:15 |
|  @rick:matrix.ciphernetics.nl changed their display name from Rick (Mindavi) to Mindavi. | 15:31:36 |
| 6 Oct 2023 |
|  @pokon548:bukn.uk joined the room. | 07:37:44 |
| @pokon548:bukn.uk left the room. | 10:35:05 |
|  recoup3948 joined the room. | 11:37:26 |
|  Hubble the Wolverine (they/them) joined the room. | 11:56:04 |
|  Las left the room. | 16:44:52 |
| 7 Oct 2023 |
|  angelwn joined the room. | 12:45:07 |
| Hubble the Wolverine (they/them) changed their display name from Hubble the Wolverine to Hubble the Wolverine (they/them). | 12:54:52 |
| 8 Oct 2023 |
|  Find me at aleksana:qaq.li joined the room. | 06:52:56 |
|  clefru joined the room. | 08:12:17 |
|  Nyte joined the room. | 11:53:20 |
| 9 Oct 2023 |
 hexa | https://github.com/NixOS/nixpkgs/pull/259881 | 00:48:34 |
|  Challenged joined the room. | 16:03:14 |
 K900 | https://github.blog/2023-10-09-coordinated-disclosure-1-click-rce-on-gnome-cve-2023-43641/ | 18:56:26 |
| K900 | Well shit | 18:56:27 |
 tgerbet | In reply to @k900:0upti.me
https://github.blog/2023-10-09-coordinated-disclosure-1-click-rce-on-gnome-cve-2023-43641/ Opened https://github.com/NixOS/nixpkgs/pull/260052 for the sandbox escape
libcue patches do not seem available yet | 19:25:33 |
| K900 | There's a patch on the blog post but I'm not sure if it's complete | 19:26:40 |
|  Lun joined the room. | 21:07:10 |
| Lun | Arch is using that patch https://gitlab.archlinux.org/archlinux/packaging/packages/libcue/-/commit/035bddf10ab0936e41daf829dac0ef3bd56bd2ce | 21:08:23 |
| Lun | https://github.com/lipnitsk/libcue/commit/fdf72c8bded8d24cfa0608b8e97f2eed210a920e | 21:34:07 |
| K900 | Yay | 21:34:32 |
| 10 Oct 2023 |
|  cafkafk changed their display name from Christina Sørensen to cafkafk. | 03:39:01 |
| cafkafk changed their profile picture. | 03:39:25 |
| K900 | New kernel updates with Xen DoS fix: https://github.com/NixOS/nixpkgs/pull/260296 | 21:59:06 |
 Sandro | CVE-2023-44487 7.5 score, 0-day, exploited in the wild
The fix (https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832) is probably not that easy to backport.
| 22:57:20 |
| Sandro | and we are quite a bit behind, there are changes that need attention and changing the package is a mass rebuild
https://github.com/NixOS/nixpkgs/pull/219712 | 22:57:58 |
| Sandro | https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/
https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ | 22:58:45 |
| 11 Oct 2023 |
 vcunat | Rebuild wouldn't be a problem now, as high-priority curl fix arrives today. | 05:59:05 |
 raitobezarius | It's already out, see discussion channel | 05:59:19 |
