| 3 Dec 2023 |
 eryngion | FYI: I see a bunch of relatively fresh CVE patches in https://github.com/meta-qt5/meta-qt5/tree/master/recipes-qt/qt5/qtbase that we don't have. | 21:42:23 |
 K900 | We should have those | 21:43:02 |
| K900 | Because we are tracking KDE's patchset and not upstream Qt | 21:43:09 |
| K900 | So you need to be looking at https://invent.kde.org/qt/qt/qtbase/-/commits/kde/5.15/ | 21:43:27 |
| K900 | As far as I can tell all the patches OE has we also have | 21:48:21 |
| K900 | At least the ones marked as CVE | 21:48:59 |
| eryngion | Yeah, somebody may have forgotten to refresh his local qtbase repo in moths and should go sleep :) | 21:52:30 |
| 5 Dec 2023 |
|  @federicodschonborn:matrix.org changed their profile picture. | 00:38:37 |
 hexa | https://webkitgtk.org/security/WSA-2023-0011.html Jan Tojnar et al 🙂 | 21:30:38 |
| hexa | https://www.openwall.com/lists/oss-security/2023/12/05/2 Mic92 qbit | 21:44:19 |
 @qbit:tapenet.org | mmm | 21:50:59 |
 Mic92 | hexa: Done. | 21:51:00 |
| Mic92 | Should I put this in staging-next? | 21:51:08 |
| hexa | ask in #staging:nixos.org | 21:52:14 |
| hexa | I think it would be fine | 21:52:20 |
| Mic92 | In reply to @hexa:lossy.network
https://www.openwall.com/lists/oss-security/2023/12/05/2 Mic92 qbit https://github.com/NixOS/nixpkgs/pull/272362/files | 21:57:10 |
| 6 Dec 2023 |
|  Hristo Bakardzhiev joined the room. | 09:18:16 |
|  prusnak changed their profile picture. | 11:25:11 |
| 7 Dec 2023 |
 leona | https://github.com/NixOS/nixpkgs/pull/272672 | 12:49:03 |
| K900 | Wew | 12:50:27 |
|  @igalshilman:matrix.org joined the room. | 19:00:33 |
| 8 Dec 2023 |
|  unnz43yn joined the room. | 17:21:04 |
|  dadada (er/ihm) removed their profile picture. | 19:18:57 |
| hexa | https://github.com/fish-shell/fish-shell/security/advisories/GHSA-2j9r-pm96-wp4f | 21:45:32 |
| hexa | cc cole-h, Winter (she/her) (both release branches are affected) | 22:29:29 |
 cole-h | I think 3.6.4 has already been merged and backported? | 22:58:06 |
| cole-h | PR to master was 272095, and to release-23.11 was 272366, both have made it to channels (though the PR to master is only in unstable-small, not nixpkgs or nixos unstables) | 23:00:48 |
| hexa | cole-h: release-23.05 is on 3.6.1 😉 | 23:10:00 |
| cole-h | Oh yeah | 23:22:35 |
| cole-h | PR up at 273036 | 23:28:12 |
