| 26 Sep 2024 |
 Mic92 | In reply to @qyliss:fairydust.space
builtin:fetchurl: Enable TLS verification
* I would argue the "information leak" should not affect many people. <nix/fetchurl.nix> is manly used by bootstrap tarballs that do not suffer from this. So low impact for most people. | 18:49:22 |
 hexa | it probably doesn't, but that is for #security-discuss:nixos.org | 18:52:36 |
 vcunat | In reply to @fabianhjr:matrix.org
https://x.com/evilsocket/status/1838169889330135132
Claims 9.9 RCE unauthenticated over network affecting all GNU/Linux Systems CUPS? Much earlier than expected, though:
https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/ | 20:21:55 |
 Fabián Heredia | yeah, and also underwhelming for the original hype | 20:25:19 |
 void | I recall another one in hplip last year, somebody is getting efficient at it it seems. | 23:52:39 |
| 27 Sep 2024 |
|  SigmaSquadron joined the room. | 00:18:22 |
|  @vengmark2:matrix.org joined the room. | 02:26:49 |
| @vengmark2:matrix.org left the room. | 02:29:26 |
| Fabián Heredia | The following PR wasn't triaged and was going stale around 2x High (7.5 CVSS) CVEs on libtiff.
https://github.com/NixOS/nixpkgs/pull/340569 | 06:26:33 |
| hexa | https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-rq86-c7g6-r2h8 | 13:11:40 |
|  elikoga set a profile picture. | 16:27:28 |
| 28 Sep 2024 |
|  ghpzin (moved to @ghpzin:envs.net) joined the room. | 11:00:47 |
|  Scrumplex joined the room. | 11:04:11 |
| 30 Sep 2024 |
|  @entheogenesis:matrix.org left the room. | 18:32:15 |
| 1 Oct 2024 |
|  -_o joined the room. | 21:00:31 |
| 2 Oct 2024 |
|  tlaurion aka Insurgo [ Timezone: ET ] changed their display name from tlaurion aka Insurgo [UTC-4] (🛫🗺️🛬: Back 2024-10-01) to tlaurion aka Insurgo [UTC-4]. | 12:42:28 |
| 4 Oct 2024 |
|  @ajcxz0:matrix.org left the room. | 01:00:45 |
| 5 Oct 2024 |
|  @magic_rb:matrix.redalder.org changed their profile picture. | 22:16:56 |
|  gvelim joined the room. | 22:54:48 |
| 6 Oct 2024 |
|  Sofie joined the room. | 15:22:25 |
|  @sofo:matrix.org left the room. | 15:22:36 |
|  DerivationDingus changed their display name from bytebandit to DerivationDingus. | 19:43:28 |
| 7 Oct 2024 |
| hexa | https://meta.discourse.org/t/3-3-2-security-and-maintenance-release/329341/1 | 13:29:31 |
| 8 Oct 2024 |
|  schuelermine changed their profile picture. | 16:30:17 |
| 9 Oct 2024 |
 emily | Tor/Mullvad Browser still need updating for the Firefox vulnerabilities | 20:35:53 |
| emily | cc felschr | 20:36:25 |
| Scrumplex | I assume tor-browser needs to be bumped to 13.5.7? | 20:37:06 |
| hexa | floorp and librewolf as well | 20:37:24 |
| Scrumplex | https://github.com/mullvad/mullvad-browser/releases/tag/13.5.7 | 20:37:34 |
| Scrumplex | https://github.com/NixOS/nixpkgs/pull/347593 | 20:41:19 |
