!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

Coordination and triage of security issues in nixpkgs

699 Members, 216 Servers

Sender | Message | Time

16 Jan 2024

K900 (@k900:0upti.me) | * Oh god | 15:28:28
vcunat (@vcunat:matrix.org) | I don't think you need to run it. | 15:30:41
vcunat (@vcunat:matrix.org) | Just update version and hash. (version repeats IIRC) | 15:30:54
vcunat (@vcunat:matrix.org) | Surely a security update won't change the set of dependencies. | 15:31:29
vcunat (@vcunat:matrix.org) | (the X stuff is very unmoving anyway) | 15:31:49
Fabián Heredia (@fabianhjr:matrix.org) | ok, doing manually then. | 15:35:26
K900 (@k900:0upti.me) | The script seems to be working for me | 15:35:49
K900 (@k900:0upti.me) | OK the script kinda works | 15:46:35
Fabián Heredia (@fabianhjr:matrix.org) | https://github.com/NixOS/nixpkgs/pull/281350 | 15:49:06
K900 (@k900:0upti.me) | https://github.com/NixOS/nixpkgs/pull/281349 ? | 15:49:45
K900 (@k900:0upti.me) | I have another thing there | 15:49:54
Fabián Heredia (@fabianhjr:matrix.org) | :O | 15:50:13
Fabián Heredia (@fabianhjr:matrix.org) | closing as dupe then | 15:50:20
K900 (@k900:0upti.me) | It builds, Plasma test passes, merged | 15:56:54
Moved to @sashanoraa:matrix.org (@sasha:the-apothecary.club) | joined the room. | 17:06:21
@adam:robins.wtf | joined the room. | 17:18:46
tgerbet (@tgerbet:matrix.org) | https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h | 20:17:35
K900 (@k900:0upti.me) | Not really much we can do | 20:17:55
K900 (@k900:0upti.me) | I guess update our EDK2 | 20:17:59
tgerbet (@tgerbet:matrix.org) | Yep update is not yet available but there is a patch for 7 out of 9 issues in edk2 bugtracker, I will take a look in a moment. | 20:22:06
K900 (@k900:0upti.me) | Thing is, our EDK2 is only used for VM tests basically | 20:24:46
K900 (@k900:0upti.me) | Which is not very relevant to this | 20:24:56
raitobezarius (@raitobezarius:matrix.org) | I did enable the IPv6 stack recently | 20:25:27
raitobezarius (@raitobezarius:matrix.org) | And some people deploy that EDK2 on real systems ahem | 20:25:47
hexa (@hexa:lossy.network) | my local qemu test vms use edk2 | 21:00:44
@adam:robins.wtf | incus and lxd are using edk2 too | 23:07:44
@adam:robins.wtf | running the virtual-machine test should be sufficient | 23:08:05
raitobezarius (@raitobezarius:matrix.org) | (In reply to @tgerbet:matrix.org: "Yep update is not yet available but there is a patch for 7 out of 9 issues in edk2 bugtracker, I will take a look in a moment.") Can you put me in the loop or ping me if you need my actions? I am not sure if I want to patch too early EDK2 shit because their QA is outright bad in general | 23:21:46
tgerbet (@tgerbet:matrix.org) | I just requested a review from you 👍 https://github.com/NixOS/nixpkgs/pull/281405 | 23:26:39
Bailey (she/they) (@mtxyz:the-apothecary.club) | joined the room. | 23:36:16
