| 26 Nov 2025 |
 vcunat | That's like a completely different level of severity. | 19:44:12 |
 hexa | posted it before reading it fully, doesn't make sense to me yet, sorry | 19:44:51 |
 mdaniels5757 | The "vuln"s listed are different. On https://packetstorm.news/files/id/189989, the "vuln" is that when you set an arbitrary shell command to run when an IP is banned, and then an IP is banned, the arbitrary shells script runs. But on https://gist.github.com/R-Security/1c707a08f9c7f9a91d9d84b5010aaed2, it claims that there is "insufficient sanitization of variables", I see no evidence of that provided. CVE slop? | 20:42:47 |
| mdaniels5757 | I'll file an issue with upstream and see what they say. | 20:43:35 |
| mdaniels5757 | https://github.com/fail2ban/fail2ban/issues/4110 | 20:58:18 |
| hexa | https://nlnetlabs.nl/news/2025/Nov/26/unbound-1.24.2-released/ | 21:32:26 |
| hexa | something more actionable | 21:32:33 |
 Scrumplex | In reply to @hexa:lossy.network
something more actionable Has already been merged into staging. Currently building 25.05 and 25.11 backports | 22:12:34 |
| Scrumplex | * Has already been merged into staging. Currently building 25.05 and 25.11 backports
Edit: https://github.com/NixOS/nixpkgs/pull/465262 | 22:13:53 |
| 27 Nov 2025 |
 dotlambda | https://github.com/NixOS/nixpkgs/pull/445729#issuecomment-3583620846 | 00:20:14 |
| dotlambda | https://github.com/NixOS/nixpkgs/pull/465433 | 00:21:08 |
|  conatsera joined the room. | 03:14:14 |
| hexa | https://github.com/OpenPrinting/cups/releases/tag/v2.4.15 | 15:33:22 |
| hexa | well, denial of service | 15:33:58 |
| hexa | if you expose a cupsd that wide 🤷 | 15:34:06 |
