!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

720 Members
Coordination and triage of security issues in nixpkgs219 Servers

Load older messages

SenderMessageTime
4 Feb 2024
@bytebandit:tac.lolDerivationDingus
In reply to @vcunat:matrix.org
I'd suggest moving the discussion elsewhere. This channel should be just security triage.
Oof, my apologies. I thought I was in a different room. 		08:19:15
@vcunat:matrix.orgvcunat * I'd suggest moving the discussion elsewhere (and e.g. linking from here). This channel should be just security triage.08:19:19
@vcunat:matrix.orgvcunat * I'd suggest moving the discussion elsewhere (and e.g. link it from here). This channel should be just security triage.08:19:24
@k900:0upti.meK900https://www.openwall.com/lists/oss-security/2024/01/30/709:18:33
@k900:0upti.meK900OH GOD09:18:36
@k900:0upti.meK900I finally read the writeup09:20:20
@k900:0upti.meK900Ugh wrong room09:20:32
@bjth:matrix.orgBryan Honof changed their profile picture.11:31:31
@vcunat:matrix.orgvcunatgnupg: some kind of 23.11 backport is needed? https://github.com/NixOS/nixpkgs/pull/284778#issuecomment-192575726214:15:28
@jtojnar:matrix.orgJan Tojnarlibxml2 again: https://github.com/NixOS/nixpkgs/pull/28630014:52:16
@jtojnar:matrix.orgJan Tojnar * UAF in libxml2 again: https://github.com/NixOS/nixpkgs/pull/28630014:52:36
@tgerbet:matrix.orgtgerbet
In reply to @vcunat:matrix.org
gnupg: some kind of 23.11 backport is needed?
https://github.com/NixOS/nixpkgs/pull/284778#issuecomment-1925757262
Cherry-picks done in https://github.com/NixOS/nixpkgs/pull/286302 		14:53:55
@raboof:matrix.orgraboof changed their display name from raboof @FOSDEM to raboof.17:41:47
@hexa:lossy.networkhexahttps://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.518:05:29
@hexa:lossy.networkhexa cc Jan Tojnar 18:05:46
@tgerbet:matrix.orgtgerbethttps://github.com/NixOS/nixpkgs/pull/28630018:06:18
@hexa:lossy.networkhexaok, failed to find it via github search18:06:53
5 Feb 2024
@puck:puck.moepuck joined the room.12:48:55
@adam:robins.wtf@adam:robins.wtf adding in:title can be helpful, if you're not already using that 14:34:16
@ThorHop:matrix.org@ThorHop:matrix.org removed their profile picture.22:45:55
@ThorHop:matrix.org@ThorHop:matrix.org removed their display name IdeallyYes.22:46:41
@ThorHop:matrix.org@ThorHop:matrix.org left the room.22:47:12
@hexa:lossy.networkhexa https://webkitgtk.org/security/WSA-2024-0001.html Jan Tojnar 23:59:26
7 Feb 2024
@hexa:lossy.networkhexahttps://github.com/python/cpython/issues/11365917:39:34
@hexa:lossy.networkhexa * https://github.com/python/cpython/issues/113659 doing the bumps17:39:55
@hexa:lossy.networkhexa

New releases of 3.8, 3.9 and 3.10 containing the same fix are expected next week.

17:47:34
@hexa:lossy.networkhexahttps://github.com/libexpat/libexpat/blob/R_2_6_0/expat/Changes17:53:58
@hexa:lossy.networkhexaregresses the python3 test suite, I'm following https://github.com/python/cpython/issues/11513317:54:18
8 Feb 2024
@drewskiwooskie:matrix.org@drewskiwooskie:matrix.org joined the room.03:16:46
@symys:dailyaslbot.twilightparadox.comsymys joined the room.07:21:42

Show newer messages

Back to Room ListRoom Version: 6