!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

686 Members
Coordination and triage of security issues in nixpkgs214 Servers

Load older messages

SenderMessageTime
22 May 2021
@ivank:matrix.orgivan changed their display name from Ivan to ivan.21:30:02
23 May 2021
@lukegb:zxcvbnm.ninjalukegb (he/him) joined the room.00:37:14
@lukegb:zxcvbnm.ninjalukegb (he/him) changed their display name from lukegb to lukegb (he/him).01:33:11
@em:queersin.spaceEmelie joined the room.07:46:12
@v:anomalous.euV joined the room.11:20:21
@r_i_s:matrix.orgris_ joined the room.11:28:17
@r_i_s:matrix.orgris_ set a profile picture.11:35:33
@h4rdstyl3z:matrix.orgh4rdstyl3z joined the room.12:31:33
@Las:matrix.orgLas joined the room.14:01:06
@r_i_s:matrix.orgris_ changed their display name from r_i_s to ris_.14:59:06
@aaronjanse:matrix.orgaaronjanse joined the room.18:24:51
@maljub01:matrix.orgmaljub01 joined the room.20:03:42
@pennae:matrix.eno.spacepennae joined the room.20:59:57
24 May 2021
@rajivr:matrix.orgrajivr joined the room.03:35:16
@kunrooted:matrix.orgkunrooted joined the room.05:16:05
@moritz.hedtke:matrix.orgmoritz.hedtke joined the room.14:27:56
@hexa:lossy.networkhexahttps://github.com/vector-im/element-web/releases/tag/v1.7.2917:14:31
@hexa:lossy.networkhexa
Element Web 1.7.29 fixes (by upgrading to olm 3.2.3) an issue in code used for
decrypting server-side stored secrets. The issue could potentially allow a
malicious homeserver to cause a stack buffer overflow in the affected function
and to control that function's local variables.
17:14:45
@hexa:lossy.networkhexahttps://github.com/NixOS/nixpkgs/pull/12427617:14:58
@hexa:lossy.networkhexahttps://nixpk.gs/pr-tracker.html?pr=124276 Let'see see that PR Tracker18:29:00
@ijustwannalurk:matrix.orgijustwannalurk joined the room.21:55:25
25 May 2021
@sumner:sumnerevans.comsumnerCan anyone else review the above and get it merged?00:22:13
@hexa:lossy.networkhexamerged00:26:17
@hexa:lossy.networkhexaplease create the backport prs00:26:25
@sumner:sumnerevans.comsumner hexa: haven't ever done that. Will look into it in a couple hours. 00:32:56
@hexa:lossy.networkhexathanks!00:33:14
@sumner:sumnerevans.comsumnerHow should I test on 21.05 and 20.09?02:56:28
@sandro:supersandro.deSandroWhat do you want to test?02:59:02
@sumner:sumnerevans.comsumnerI want to test the following backports: https://github.com/NixOS/nixpkgs/pull/124326 and https://github.com/NixOS/nixpkgs/pull/12432703:01:51
@sumner:sumnerevans.comsumner hexa: mentioned that he tested on 20.09 (https://github.com/NixOS/nixpkgs/pull/124276#pullrequestreview-667050318), but I'm not sure the best approach for testing in general since I'm running unstable on all my machines. 03:02:48

Show newer messages

Back to Room ListRoom Version: 6