!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

684 Members
Coordination and triage of security issues in nixpkgs | Discussions in #security-discuss:nixos.org | Open PRs: https://github.com/NixOS/nixpkgs/pulls?q=is%3Apr+is%3Aopen+sort%3Aupdated-desc+label%3A%221.severity%3A+security%22208 Servers

Load older messages

SenderMessageTime
28 Mar 2026
@emilazy:matrix.orgemilyhttps://github.com/wolfSSL/wolfssl/releases/tag/v5.9.0-stable18:04:14
@emilazy:matrix.orgemilythree high-severity CVEs and a bunch of others, no PR after ten days šŸ« 18:04:28
@emilazy:matrix.orgemily it's used in only 9 other packages and I'm about to make that 8. perhaps we should consider dropping. maybe tgerbet has input since he had to do the last update. (but #security-discuss:nixos.org for that ofc) 18:05:21
@emilazy:matrix.orgemilyoh, very sorry, it was already mergedā€¦ ignore me18:06:26
29 Mar 2026
@arcayr:mischief.expertarcayr changed their profile picture.11:15:53
30 Mar 2026
@rosssmyth:matrix.org@rosssmyth:matrix.org joined the room.18:03:53
@samuel.dionne-riel:cyberus-technology.deSamuel Dionne-Riel joined the room.21:31:06
31 Mar 2026
@felixalb:feal.nofelixalb joined the room.07:37:08
@prince213:matrix.orgprince213 joined the room.13:05:21
@prince213:matrix.orgprince213https://github.com/NixOS/nixpkgs/pull/50534413:10:37
@prince213:matrix.orgprince2131 medium13:12:14
1 Apr 2026
@pyrox:pyrox.devdish [Fox/It/She] https://github.com/jellyfin/jellyfin/releases/tag/v10.11.7 01:50:10
@pyrox:pyrox.devdish [Fox/It/She]4 security issues fixed, JF team says they're critical to get fixed and details to be released in 14 days01:50:52
@pyrox:pyrox.devdish [Fox/It/She] pr created https://github.com/NixOS/nixpkgs/pull/505528 02:06:57
@nrbray:matrix.orgNigel joined the room.06:39:23
@7karni:matrix.orgAzad Satkarni changed their display name from 7karni to Azad Satkarni.06:40:40
@samuel.dionne-riel:cyberus-technology.deSamuel Dionne-Riel changed their profile picture.14:01:52
@nixith:unredacted.orgnixith joined the room.15:14:59
@samuel.dionne-riel:cyberus-technology.deSamuel Dionne-RielRedacted or Malformed Event21:02:11
2 Apr 2026
@vcunat:matrix.orgvcunatlibpng, mentioned above, now done in https://github.com/NixOS/nixpkgs/pull/50575105:05:08
4 Apr 2026
@vcunat:matrix.orgvcunatQuick note: I see quite a lot of security-tagged pull requests open for weeks without getting merged (and without any visible problem preventing that). I merged several right now.12:06:11
@kuflierl:matrix.orgkuflierl joined the room.15:26:01
7 Apr 2026
@l00n:4d2.orgajk changed their profile picture.08:11:22
@joerg:thalheim.ioMic92https://github.com/NixOS/nixpkgs/pull/50766617:27:26
@joerg:thalheim.ioMic92 hexa: nix security update 17:27:36
@joerg:thalheim.ioMic92 vcunat: do we need to something to kick of an eval? 17:28:25
@joerg:thalheim.ioMic92for nixos-unstable small?17:28:34
@joerg:thalheim.ioMic92github advisory comes in a minute17:29:48
@winter:catgirl.cloudWintercommit messages are wrong?17:30:01
@joerg:thalheim.ioMic92 Winter: yeah, wrong cve number 17:30:20

Show newer messages

Back to Room ListRoom Version: 6