!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

690 Members
Coordination and triage of security issues in nixpkgs216 Servers

Load older messages

SenderMessageTime
8 Jun 2021
@janne.hess:helsinki-systems.dedas_jhttps://github.com/orgs/NixOS/teams/security-notifications11:55:40
@hexa:lossy.networkhexahttps://nixos.org/community/teams/security.html11:56:18
@janne.hess:helsinki-systems.dedas_jlol the members on the website don't match up with any of the two teams11:57:15
@janne.hess:helsinki-systems.dedas_jah maybe the security-notifications team11:57:33
@janne.hess:helsinki-systems.dedas_j Alyssa Ross: the backports were just created 11:57:53
@janne.hess:helsinki-systems.dedas_j * Alyssa Ross: the backports were created just now 11:57:58
@hexa:lossy.networkhexaeverything merged12:00:05
@hexa:lossy.networkhexathanks for taking care of that12:00:07
@janne.hess:helsinki-systems.dedas_jfyi, don't delete your branch before the backports were created: https://github.com/NixOS/nixpkgs/pull/126193#issuecomment-85670426112:04:10
@qyliss:fairydust.spaceAlyssa Rossthat's annoying -- the action shouldn't need the branch12:04:54
@janne.hess:helsinki-systems.dedas_jit doesn't. The backports were created anyway but that error was printed afterwards for some reason12:05:13
@hexa:lossy.networkhexapoke domen I guess?12:05:29
@janne.hess:helsinki-systems.dedas_j→ #nixos-dev12:05:51
@hexa:lossy.networkhexaor create an issue here https://github.com/zeebe-io/backport-action12:05:54
@js:ukvly.orgjulianst joined the room.13:25:53
@hexa:lossy.networkhexahttps://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-2021060817:01:28
@janne.hess:helsinki-systems.dedas_jcross-posting this issue here since it seems to be pretty severe for people using firefox addons: https://github.com/NixOS/nixpkgs/issues/126065#issuecomment-85716832921:28:20
@hexa:lossy.networkhexawe are aware and already looking into it21:29:57
@janne.hess:helsinki-systems.dedas_jthank you, that's great21:30:06
@hexa:lossy.networkhexahttps://github.com/NixOS/nixpkgs/pull/12627121:31:55
@hexa:lossy.networkhexathis is not a proper fix, since it introduces a regression into the release21:34:07
@hexa:lossy.networkhexabut fixing up p11-kit/cacert is going to take a while21:34:17
@hexa:lossy.networkhexahttps://nvd.nist.gov/vuln/detail/CVE-2021-2020122:58:16
@hexa:lossy.networkhexafixed in spice >= 0.14.92, which is not a public release yet22:58:40
@hexa:lossy.networkhexahttps://nvd.nist.gov/vuln/detail/CVE-2020-1435522:59:29
@hexa:lossy.networkhexafixed in spice-gtk >= 0.14.2-1, no public release yet22:59:49
9 Jun 2021
@hexa:lossy.networkhexahttps://github.com/NixOS/nixpkgs/pull/12629101:34:44
@pennae:matrix.eno.spacepennaeoh nice, 5th-gen doesn't get updates? :D01:52:11
@kranzes:matrix.orgkranzes left the room.13:31:32
@scr1bbles:matrix.orgscr1bbles joined the room.14:11:15

Show newer messages

Back to Room ListRoom Version: 6