!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

692 Members
Coordination and triage of security issues in nixpkgs216 Servers

Load older messages

SenderMessageTime
30 Jul 2024
@hexa:lossy.networkhexa * https://github.com/twisted/twisted/security/advisories/GHSA-c8m8-j448-xjx7 is the actual security issue, in twisted22:32:41
31 Jul 2024
@hexa:lossy.networkhexahttps://www.openwall.com/lists/oss-security/2024/07/31/1 curl (including 8.9.0)09:50:05
@sandro:supersandro.deSandrofix is only available in an rc? no links to commits....11:20:07
@teutat3s:pub.solarteutat3sIs the build failure expected here? https://github.com/NixOS/nixpkgs/pull/331177/checks?check_run_id=2813780959812:29:07
1 Aug 2024
@tammi:greyseal.euTammi (ey/em)Redacted or Malformed Event06:33:06
@vsh:nyantec.comVika Shleina (she/her) changed their profile picture.11:50:40
@teutat3s:pub.solarteutat3shttps://github.com/NixOS/nixpkgs/pull/33127715:35:59
4 Aug 2024
@ma27:nicht-so.sexyma27 xss in roundcube: https://github.com/roundcube/roundcubemail/releases/tag/1.6.8
preparing an update now. 		15:06:53
7 Aug 2024
@adam:robins.wtfadamcstephens changed their display name from adamcstephens 🐝 to adamcstephensL.00:17:26
@adam:robins.wtfadamcstephens changed their display name from adamcstephensL to adamcstephens.00:17:46
@teutat3s:pub.solarteutat3s GHSA-f83w-wqhc-cfp4
https://github.com/NixOS/nixpkgs/pull/332940 		08:17:34
@felschr:matrix.orgfelschrhttps://github.com/NixOS/nixpkgs/pull/33283311:50:22
8 Aug 2024
@qyliss:fairydust.spaceAlyssa Ross set a profile picture.18:48:46
9 Aug 2024
@emilazy:matrix.orgemilyhttps://i.blackhat.com/BH-US-24/Presentations/REVISED02-US24_Moore_Secure_Shells_in_Shambles_Wednesday.pdf#page=7209:57:49
@emilazy:matrix.orgemily RCE in soft-serve, need to bump to 0.7.5 and backport 09:57:59
@emilazy:matrix.orgemily(also in gogs, but we have that marked as insecure already)09:58:05
@emilazy:matrix.orgemilyto 0.7.6 rather I guess09:58:25
@emilazy:matrix.orgemilyhttps://github.com/NixOS/nixpkgs/pull/33138609:58:49
@yaya:uwu.isyayahttps://www.postgresql.org/support/security/CVE-2024-7348/11:33:11
@hexa:lossy.networkhexa cc ma27 11:35:02
@ma27:nicht-so.sexyma27 oh dang right when I'm on vacation.
can you please ping wolfgangwalther (not sure if they have matrix though, obly interacted on github). 		11:57:17
@ma27:nicht-so.sexyma27sowwy11:58:11
@hexa:lossy.networkhexaenjoy!12:02:50
@hexa:lossy.networkhexavia https://github.com/NixOS/nixpkgs/issues/33343012:04:45
10 Aug 2024
@rosscomputerguy:matrix.orgTristan Ross changed their profile picture.03:13:13
@vcunat:matrix.orgvcunat(still needs a manual backport to 24.05, apparently)05:30:55
12 Aug 2024
@sandro:supersandro.deSandrohttps://github.com/dani-garcia/vaultwarden/releases/tag/1.32.009:47:15
@sandro:supersandro.deSandrohttps://github.com/NixOS/nixpkgs/pull/33404809:51:33
@sandro:supersandro.deSandrohttps://github.com/NixOS/nixpkgs/pull/33409910:40:29
@sandro:supersandro.deSandroCVE-2024-7589 in openssh is freebsd specific and doesn't apply to us.12:07:18

Show newer messages

Back to Room ListRoom Version: 6