| 15 May 2025 |
 hexa | webkitgtk @jtojnar:matrix.org | 17:42:41 |
| hexa | https://webkitgtk.org/security/WSA-2025-0004.html | 17:43:25 |
 Jan Tojnar | Thanks, opened https://github.com/NixOS/nixpkgs/pull/407417 | 18:30:09 |
| 16 May 2025 |
|  Winter joined the room. | 01:58:58 |
| hexa | https://www.openwall.com/lists/oss-security/2025/05/16/7 glibc ma27 | 23:06:10 |
 emily | I suspect the only static setuid program on 90% of NixOS systems is our wrapper? | 23:06:54 |
| emily | which hopefully doesn't dlopen | 23:06:58 |
| emily | well, 90% is probably way too low for that figure. also sorry, forgot this was triage room | 23:07:16 |
| 17 May 2025 |
|  s-rein joined the room. | 03:31:56 |
 aloisw | The wrapper uses musl and erases LD_LIBRARY_PATH, so NixOS should indeed be unaffected. | 05:00:12 |
 ma27 | Agreed.
I'll prepare an update todya nonetheless since people are using nixpkgs to build all kinds of stuff. | 08:12:34 |
 vcunat | Sounds OK for the normal staging* workflow. | 08:34:01 |
 K900 | What's the plan for the next cycle? | 08:36:37 |
