| 18 Feb 2025 |
 hexa | https://www.openwall.com/lists/oss-security/2025/02/18/1 | 11:39:02 |
| hexa | openssh | 11:39:05 |
 Arian | VerifyHostKeyDNS is not enabled by default on nixos right | 11:41:20 |
 Niklas Korz | no, but there are at least some public configs enabling it: https://grep.app/search?f.lang=Nix&f.lang.pattern=nix&q=VerifyHostKeyDNS | 11:44:04 |
| Arian | I definitely had it enabled in my homelab before because if was using SSHFP | 11:45:11 |
| Niklas Korz | oh, NuschtOS enables it by default (cc Sandro 🐧 👀) | 11:45:16 |
 Sandro | https://www.openssh.com/releasenotes.html#9.9p2 | 12:10:24 |
| Sandro | I don't see a PR yet | 12:11:53 |
 tgerbet | I'm running the tests right now | 12:45:25 |
|  @stites:matrix.org left the room. | 12:54:35 |
| tgerbet | https://github.com/NixOS/nixpkgs/pull/383096 | 13:07:40 |
 emily | I believe VerifyHostKeyDNS is only safe if you are running a DNSSEC-validating resolver locally. caveat emptor | 18:49:56 |
| emily | (I mean, even post-fix.) | 18:50:01 |
 leona | fun with grub
https://www.openwall.com/lists/oss-security/2025/02/18/3 | 19:15:47 |
| hexa | unmaintained … rip | 19:29:09 |
| 19 Feb 2025 |
|  sss | 20:06:15 |
| hexa | https://www.openwall.com/lists/oss-security/2025/02/19/1 exim @[0x4A6F] | 23:28:01 |
| hexa | In reply to@leona:leona.is
fun with grub
https://www.openwall.com/lists/oss-security/2025/02/18/3 [SECURITY PATCH 00/73] GRUB2 vulnerabilities - 2025/02/18, Daniel Kiper <=
<del>let's just casually apply this 73 patches</del> | 23:29:47 |
| hexa | [SECURITY PATCH 00/73] GRUB2 vulnerabilities - 2025/02/18, Daniel Kiper <=
let's just casually apply this 73 patches | 23:29:52 |
| hexa | [SECURITY PATCH 00/73] GRUB2 vulnerabilities - 2025/02/18, Daniel Kiper <=
let's just casually apply these 73 patches | 23:29:59 |
| tgerbet | I gave it a try https://github.com/NixOS/nixpkgs/pull/383375
Something breaks nixosTests.grub, still need to identify what...
| 23:30:00 |
| hexa | bold, you even broken tree-sitter (github diff) | 23:30:34 |
| hexa | ah nvm, that's actually commented | 23:30:47 |
| 21 Feb 2025 |
 dotlambda | https://github.com/NixOS/nixpkgs/pull/367821#issuecomment-2672999843 | 00:15:44 |
|  alexandi joined the room. | 06:53:38 |
 Markus Theil | https://github.com/cisco/openh264/security/advisories/GHSA-m99q-5j7x-7m9x | 20:17:47 |
| Markus Theil | https://github.com/NixOS/nixpkgs/pull/384033 | 20:24:42 |
| 23 Feb 2025 |
|  TrungHieu joined the room. | 08:27:37 |
|  @linucifer:envs.net removed their profile picture. | 17:24:48 |
| @linucifer:envs.net removed their display name linucifer. | 17:24:54 |
