!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

692 Members
Coordination and triage of security issues in nixpkgs216 Servers

Load older messages

SenderMessageTime
8 Jan 2026
@hexa:lossy.networkhexahttps://github.com/NixOS/nixpkgs/pull/47814117:22:22
9 Jan 2026
@hexa:lossy.networkhexahttps://seclists.org/oss-sec/2026/q1/46 inputplumber20:51:09
@hexa:lossy.networkhexahttps://seclists.org/oss-sec/2026/q1/47 net-snmp20:51:25
10 Jan 2026
@tgerbet:matrix.orgtgerbetUnstable already fixed, triggered the backport for stable https://github.com/NixOS/nixpkgs/pull/47867509:23:13
@tgerbet:matrix.orgtgerbethttps://github.com/NixOS/nixpkgs/pull/47867809:53:51
11 Jan 2026
@hexa:lossy.networkhexahttps://seclists.org/oss-sec/2026/q1/49 harfbuzz nullpointer deref02:05:18
@9hp71n:matrix.orgghpzin changed their display name from ghpzin (moved to @ghpzin:envs.net) to ghpzin.15:04:32
@ghpzin:envs.net@ghpzin:envs.net left the room.16:18:27
12 Jan 2026
@hexa:lossy.networkhexahttps://seclists.org/oss-sec/2026/q1/57 libpng 1.6.5423:45:31
@hexa:lossy.networkhexa* https://seclists.org/oss-sec/2026/q1/57 libpng 1.6.54 @vcunat23:46:09
@hexa:lossy.networkhexa * https://seclists.org/oss-sec/2026/q1/57 libpng 1.6.54 vcunat 23:46:13
13 Jan 2026
@vcunat:matrix.orgvcunatUnfortunately, the -apng patches won't apply to this version, even if updated their latest version.07:56:55
14 Jan 2026
@sandro:supersandro.deSandroFreeRDP 3.20.1, 9 CVEs https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.113:12:33
15 Jan 2026
@h0nig2k:matrix.orgh0nig2kzlib CVE 9.3: https://github.com/NixOS/nixpkgs/issues/48035813:00:45
@vcunat:matrix.orgvcunat

untgz will be removed in the next release.

(the issue is in the untgz utility, not in zlib itself)

13:07:53
@vcunat:matrix.orgvcunat And zlib in nixpkgs doesn't seem to build any utilities. 13:09:58
@goodboy:matrix.orglord_fomoRedacted or Malformed Event16:00:14
@leona:leona.isleonaRedacted or Malformed Event16:04:27
@hexa:lossy.networkhexaRedacted or Malformed Event16:04:36
@goodboy:matrix.orglord_fomoRedacted or Malformed Event16:35:07
@magic_rb:matrix.redalder.orgmagic_rbRedacted or Malformed Event16:35:33
@goodboy:matrix.orglord_fomoRedacted or Malformed Event16:36:22
@tasiaiso:catgirl.cloudtasia joined the room.16:38:57
16 Jan 2026
@marcel:envs.net@marcel:envs.net left the room.00:52:23
@tgerbet:matrix.orgtgerbet glibc @ma27:nicht-so.sexy: https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0001 https://github.com/NixOS/nixpkgs/issues/480802 https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0002 20:35:28
@ma27:nicht-so.sexyma27I'll have dinner first and then prepare a patch.20:50:59
@ma27:nicht-so.sexyma27 https://github.com/NixOS/nixpkgs/pull/480822, 25.11 will follow later or tomorrow. 22:12:32
@k900:0upti.meK900So uh22:14:50
@k900:0upti.meK900Do we scrap the cycle22:14:52
@k900:0upti.meK900 I guess #Staging 22:15:00

Show newer messages

Back to Room ListRoom Version: 6