| 1 Jul 2025 |
 @mtheil:scs.ems.host | https://github.com/NixOS/nixpkgs/pull/421531 is still compiling on my side. Will ping here, when ready and some smoke tests are done. | 15:33:21 |
 Fernando Rodrigues | In reply to @emilazy:matrix.org
on it. does it need backporting? yep, forgot the label, sorry. | 15:57:16 |
|  Damian Poddebniak joined the room. | 20:54:51 |
| 2 Jul 2025 |
| @mtheil:scs.ems.host | OpenSSL is ready. Update for 25.05 in https://github.com/NixOS/nixpkgs/pull/421735 | 09:43:52 |
| 4 Jul 2025 |
 Grimmauld (migrated to @grimmauld:m.grimmauld.de) | https://nvd.nist.gov/vuln/detail/CVE-2025-6817 | https://github.com/HDFGroup/hdf5/issues/5572
https://nvd.nist.gov/vuln/detail/CVE-2025-6816 | https://github.com/HDFGroup/hdf5/issues/5571
https://nvd.nist.gov/vuln/detail/CVE-2025-6750 | https://github.com/HDFGroup/hdf5/issues/5549
hdf5 doesn't have a new release, and none of these CVEs have patches yet either. I'll be watching the issues, i have my own projects that depend on hdf5 (bachelors thesis) but figured i might as well post these here too. Fix will likely only come out in September.
| 07:53:03 |
| Grimmauld (migrated to @grimmauld:m.grimmauld.de) | * https://nvd.nist.gov/vuln/detail/CVE-2025-6817 | https://github.com/HDFGroup/hdf5/issues/5572
https://nvd.nist.gov/vuln/detail/CVE-2025-6816 | https://github.com/HDFGroup/hdf5/issues/5571
https://nvd.nist.gov/vuln/detail/CVE-2025-6750 | https://github.com/HDFGroup/hdf5/issues/5549
https://nvd.nist.gov/vuln/detail/CVE-2025-6516 | https://github.com/HDFGroup/hdf5/issues/5581
hdf5 doesn't have a new release, and none of these CVEs have patches yet either. I'll be watching the issues, i have my own projects that depend on hdf5 (bachelors thesis) but figured i might as well post these here too. Fix will likely only come out in September.
| 07:54:17 |
| Grimmauld (migrated to @grimmauld:m.grimmauld.de) | * https://nvd.nist.gov/vuln/detail/CVE-2025-6817 | https://github.com/HDFGroup/hdf5/issues/5572
https://nvd.nist.gov/vuln/detail/CVE-2025-6816 | https://github.com/HDFGroup/hdf5/issues/5571
https://nvd.nist.gov/vuln/detail/CVE-2025-6750 | https://github.com/HDFGroup/hdf5/issues/5549
https://nvd.nist.gov/vuln/detail/CVE-2025-6516 | https://github.com/HDFGroup/hdf5/issues/5581
https://nvd.nist.gov/vuln/detail/CVE-2025-6270 | https://github.com/HDFGroup/hdf5/issues/5580
https://nvd.nist.gov/vuln/detail/CVE-2025-6269 | https://nvd.nist.gov/vuln/detail/CVE-2025-6269
hdf5 doesn't have a new release, and none of these CVEs have patches yet either. I'll be watching the issues, i have my own projects that depend on hdf5 (bachelors thesis) but figured i might as well post these here too. Fix will likely only come out in September.
| 07:55:50 |
| Grimmauld (migrated to @grimmauld:m.grimmauld.de) | there might well be more, seems some new people started actually fuzzing that lib. There is POCs and all, but assigned severity is all somewhat low. Still safe to say the next release is security-relevant | 07:57:13 |
| Grimmauld (migrated to @grimmauld:m.grimmauld.de) | * https://nvd.nist.gov/vuln/detail/CVE-2025-6817 | https://github.com/HDFGroup/hdf5/issues/5572
https://nvd.nist.gov/vuln/detail/CVE-2025-6816 | https://github.com/HDFGroup/hdf5/issues/5571
https://nvd.nist.gov/vuln/detail/CVE-2025-6750 | https://github.com/HDFGroup/hdf5/issues/5549
https://nvd.nist.gov/vuln/detail/CVE-2025-6516 | https://github.com/HDFGroup/hdf5/issues/5581
https://nvd.nist.gov/vuln/detail/CVE-2025-6270 | https://github.com/HDFGroup/hdf5/issues/5580
https://nvd.nist.gov/vuln/detail/CVE-2025-6269 | https://github.com/HDFGroup/hdf5/issues/5579
hdf5 doesn't have a new release, and none of these CVEs have patches yet either. I'll be watching the issues, i have my own projects that depend on hdf5 (bachelors thesis) but figured i might as well post these here too. Fix will likely only come out in September.
| 08:00:54 |
| Grimmauld (migrated to @grimmauld:m.grimmauld.de) | assimp: https://github.com/NixOS/nixpkgs/pull/422357
CVE-2025-2751: GHSA-345v-qrhv-w227
CVE-2025-2757: GHSA-4p6w-747g-444c
CVE-2025-2750: GHSA-6x45-4j6r-r8x8
CVE-2025-3158: GHSA-6r79-vpvw-rfjj | 10:42:06 |
 K900 | 
Download image.png | 10:42:56 |
 emily | K900: oh yeah I ran into a fun thing | 11:06:15 |
| emily | er | 11:06:24 |
| emily | wrong room sorry | 11:06:26 |
| 6 Jul 2025 |
|  JamieMagee left the room. | 02:28:02 |
|  Cathal changed their display name from CJ to Cathal. | 17:17:33 |
