| 27 Nov 2024 |
 hexa | https://www.openwall.com/lists/oss-security/2024/11/27/3 jenkins | 17:01:18 |
 Michael | In reply to @hexa:lossy.network
https://github.com/goauthentik/authentik/security/advisories/GHSA-qxqc-27pr-wgc8 nvm, looks like we're patched That's a different (older) advisory. The timing attack one is https://github.com/goauthentik/authentik/security/advisories/GHSA-2xrw-5f2x-m56j | 17:50:12 |
 Jan Tojnar |
Thanks. https://github.com/NixOS/nixpkgs/pull/359662 | 20:32:28 |
|  stigo changed their display name from stigo to stigo (away). | 20:49:37 |
| 28 Nov 2024 |
|  DenKn changed their display name from DenKn to 𝔇𝔢𝔫𝔎𝔫. | 10:54:07 |
|  shawn8901 left the room. | 18:48:42 |
| shawn8901 joined the room. | 18:54:10 |
 Minijackson | Redacted or Malformed Event | 23:19:46 |
| 29 Nov 2024 |
|  lassulus changed their profile picture. | 18:30:20 |
| 1 Dec 2024 |
| shawn8901 left the room. | 00:08:10 |
| shawn8901 joined the room. | 00:11:08 |
|  maralorn left the room. | 09:24:14 |
| 2 Dec 2024 |
|  dish [Fox/It/She] changed their profile picture. | 19:59:17 |
| 3 Dec 2024 |
| stigo changed their display name from stigo (away) to stigo. | 00:52:02 |
|  getchoo changed their profile picture. | 06:06:26 |
|  fernsehmuell (☎️ 3376 he/him) joined the room. | 15:20:58 |
| fernsehmuell (☎️ 3376 he/him) | Hello, everyone. I just stumbled about this: https://discuss.rubyonrails.org/t/rails-html-sanitizer-v1-6-1-addresses-multiple-cves/88092 Gitlab, Redmine, Zammad, Mastodon, Discourse and metasploit use that gem. | 15:23:43 |
 teutat3s | https://github.com/element-hq/synapse/releases/tag/v1.120.2 | 16:56:21 |
| 6 Dec 2024 |
|  cafkafk changed their profile picture. | 03:43:51 |
|  Ahurac joined the room. | 12:30:28 |
 Scrumplex | high Python vulnerability 👀
https://www.cve.org/CVERecord?id=CVE-2024-12254
https://github.com/python/cpython/pull/127656 | 17:41:18 |
| Scrumplex | Relevant patch for 3.12: https://github.com/python/cpython/commit/9aa0deb2eef2655a1029ba228527b152353135b5 | 17:42:26 |
| hexa | meh | 17:42:35 |
| Scrumplex | yeah not sure why this is over 8 | 17:42:43 |
 magic_rb | (i was expecting worse) | 17:42:45 |
| Scrumplex | * yeah not sure why this has a score over 8 | 17:42:55 |
| magic_rb | * (i was expecting worse, great SNR) | 17:43:04 |
| hexa | bdraco++ | 17:43:15 |
| hexa | https://github.com/NixOS/nixpkgs/pull/362523 | 18:13:05 |
 dotlambda | https://github.com/Kludex/python-multipart/security/advisories/GHSA-59g5-xgcq-4qw3 fixed in https://github.com/NixOS/nixpkgs/pull/362558 | 20:53:24 |
