| 23 Oct 2025 |
 hexa | * https://www.openwall.com/lists/oss-security/2025/10/23/1 pdns-recursor | 16:13:55 |
| 24 Oct 2025 |
|  ⛧-440729 [sophie raven] (it/its) changed their display name from ⛧-440729 [sophie] (it/its) to ⛧-440729 [sophie raven] (it/its). | 06:10:51 |
| hexa | https://nvd.nist.gov/vuln/detail/CVE-2025-62813 lz4 | 10:26:42 |
 SigmaSquadron | XSA #476
master: https://github.com/NixOS/nixpkgs/pull/455255
release-25.05:https://github.com/NixOS/nixpkgs/pull/455256 | 12:42:27 |
| SigmaSquadron | * XSA #476
master: https://github.com/NixOS/nixpkgs/pull/455255
release-25.05: https://github.com/NixOS/nixpkgs/pull/455256 | 12:42:34 |
 vcunat | Those issues are private? | 13:38:51 |
| hexa | https://seclists.org/oss-sec/2025/q4/70? | 13:39:41 |
| hexa | I'm a security manager on the org and I can't see them either, so probably deleted? | 13:40:15 |
 Winter | i’m an org owner and cannot see them either, my guess is he typo’d? | 13:49:55 |
| Winter | i don’t think you can delete PRs like you can issues | 13:50:05 |
| vcunat | Surely typos. The numbers are significantly beyond what's allocated right now. | 13:52:58 |
 tnias | someone named sigmasquadron opened those:
https://github.com/NixOS/nixpkgs/pull/455225
https://github.com/NixOS/nixpkgs/pull/455226 | 13:53:36 |
 niklaskorz | Tarmageddon tracking issue: https://github.com/NixOS/nixpkgs/issues/455265
The "check manually" part is bigger than I'd have liked (script improvals welcome), but considering there are over 2000 packages that the script handled fine, I think it's still reasonably small. | 16:20:28 |
| 25 Oct 2025 |
| SigmaSquadron | * XSA #476
master: https://github.com/NixOS/nixpkgs/pull/455225
release-25.05: https://github.com/NixOS/nixpkgs/pull/455226 | 03:18:01 |
| SigmaSquadron | Whoops, yes. I wrote a 5 when I should've written a 2. Sorry about that; it was late and I went to bed shortly after posting. | 03:18:37 |
| SigmaSquadron | * | 03:18:50 |
| 26 Oct 2025 |
 tgerbet | https://github.com/NixOS/nixpkgs/pull/455943 | 17:42:44 |
| tgerbet | Disputed
https://github.com/NixOS/nixpkgs/pull/455945 | 17:43:13 |
 dotlambda | https://github.com/NixOS/nixpkgs/pull/455984 fixes two undisclosed vulnerabilities in ImageMagick | 19:40:54 |
| 27 Oct 2025 |
| dotlambda | https://github.com/NixOS/nixpkgs/pull/456046 probably fixes a vulnerability in Postfix but there is no official announcement yet | 01:55:21 |
| dotlambda | * https://github.com/NixOS/nixpkgs/pull/455984 fixes two undisclosed vulnerabilities in ImageMagick
EDIT: the vulnerability reports were now published | 01:56:01 |
| dotlambda | * https://github.com/NixOS/nixpkgs/pull/455984 fixes two undisclosed vulnerabilities in ImageMagick
EDIT: the vulnerability reports are now published | 01:56:16 |
|  Dustin Plattner changed their display name from Dustin to Dustin Plattner. | 02:57:36 |
|  ➡️@amadaluzia:unredacted.org joined the room. | 23:56:26 |
| 28 Oct 2025 |
 K900 | https://www.phoronix.com/news/X.Org-Server-3-Vuln-Oct-2025 Xorg again | 13:49:07 |
| K900 | xwayland: https://github.com/NixOS/nixpkgs/pull/456494
Someone else do xorgserver please my brain is very mush | 16:47:49 |
|  zitrone joined the room. | 23:41:42 |
| 29 Oct 2025 |
 mdaniels5757 | Backport, approved by maintainer and containing security fixes: https://github.com/NixOS/nixpkgs/pull/455570 | 00:54:25 |
| 2 Nov 2025 |
|  amadaluzia (🇹🇷 til 25th) joined the room. | 22:34:47 |
| ➡️@amadaluzia:unredacted.org changed their display name from amadaluzia to ➡️@amadaluzia:unredacted.org. | 22:48:07 |
