| 26 Nov 2025 |
 K900 | Something something petard | 19:43:02 |
 vcunat | Why is it called RCE? They write
attackers with limited sudo privileges
| 19:43:47 |
| vcunat | That's like a completely different level of severity. | 19:44:12 |
 hexa | posted it before reading it fully, doesn't make sense to me yet, sorry | 19:44:51 |
 mdaniels5757 | The "vuln"s listed are different. On https://packetstorm.news/files/id/189989, the "vuln" is that when you set an arbitrary shell command to run when an IP is banned, and then an IP is banned, the arbitrary shells script runs. But on https://gist.github.com/R-Security/1c707a08f9c7f9a91d9d84b5010aaed2, it claims that there is "insufficient sanitization of variables", I see no evidence of that provided. CVE slop? | 20:42:47 |
| mdaniels5757 | I'll file an issue with upstream and see what they say. | 20:43:35 |
| mdaniels5757 | https://github.com/fail2ban/fail2ban/issues/4110 | 20:58:18 |
| hexa | https://nlnetlabs.nl/news/2025/Nov/26/unbound-1.24.2-released/ | 21:32:26 |
| hexa | something more actionable | 21:32:33 |
 Scrumplex | In reply to @hexa:lossy.network
something more actionable Has already been merged into staging. Currently building 25.05 and 25.11 backports | 22:12:34 |
| Scrumplex | * Has already been merged into staging. Currently building 25.05 and 25.11 backports
Edit: https://github.com/NixOS/nixpkgs/pull/465262 | 22:13:53 |
| 27 Nov 2025 |
 dotlambda | https://github.com/NixOS/nixpkgs/pull/445729#issuecomment-3583620846 | 00:20:14 |
| dotlambda | https://github.com/NixOS/nixpkgs/pull/465433 | 00:21:08 |
|  conatsera joined the room. | 03:14:14 |
| hexa | https://github.com/OpenPrinting/cups/releases/tag/v2.4.15 | 15:33:22 |
| hexa | well, denial of service | 15:33:58 |
| hexa | if you expose a cupsd that wide 🤷 | 15:34:06 |
| 28 Nov 2025 |
|  Grimmauld (any/all) changed their display name from grimmauld (any/all) to musl-official | Grimm | any/all. | 11:35:37 |
| Grimmauld (any/all) changed their display name from musl-official | Grimm | any/all to Grimmauld (any/all). | 11:36:00 |
| 29 Nov 2025 |
|  amadaluzia changed their profile picture. | 11:40:57 |
| 30 Nov 2025 |
|  @sdier:matrix.org left the room. | 15:36:54 |
| 1 Dec 2025 |
 niklaskorz | https://kde.org/info/security/advisory-20251128-1.txt | 12:10:35 |
| niklaskorz | (fix already landed in both 25.11 and unstable but 25.05 appears to be still affected) | 12:12:17 |
| K900 | I think 25.05 might be too old, someone needs to backport the patch | 12:13:32 |
| niklaskorz | Or mark as vulnerable and hint that 25.11 has the fix until someone as time to backport the patch | 12:17:01 |
| niklaskorz | * Or mark as vulnerable and hint that 25.11 has the fix until someone has time to backport the patch | 12:17:11 |
| niklaskorz | Actually never mind that, the fix has been merged into 25.05 too by @K900 hree days ago, just hasnt reached nixos-25.05 yet | 13:01:07 |
| K900 | OK I'm thinking of something else then | 13:01:25 |
| K900 | (narrator voice: he was not, in fact, thinking) | 13:01:37 |
| niklaskorz | * Actually never mind that, the fix has been merged into 25.05 too by @K900 three days ago, just hasnt reached nixos-25.05 yet | 13:01:52 |
