!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

639 Members
Coordination and triage of security issues in nixpkgs | Discussions in #security-discuss:nixos.org | Open PRs: https://github.com/NixOS/nixpkgs/pulls?q=is%3Apr+is%3Aopen+sort%3Aupdated-desc+label%3A%221.severity%3A+security%22200 Servers

Load older messages

SenderMessageTime
8 Jun 2025
@-jb:matrix.org@-jb:matrix.org removed their display name Jb.09:16:56
@-jb:matrix.org@-jb:matrix.org left the room.09:17:11
9 Jun 2025
@h0nig2k:matrix.orgh0nig2khttps://github.com/NixOS/nixpkgs/issues/415282 for sqlite CVE's related to 25.0512:23:07
@h0nig2k:matrix.orgh0nig2k* https://github.com/NixOS/nixpkgs/issues/415282 for sqlite CVE's related to 25.05, fixes are present for master already12:23:33
@h0nig2k:matrix.orgh0nig2k* https://github.com/NixOS/nixpkgs/issues/415282 for sqlite CVE's related to 25.05, fixes are present for master already but backport PR was closed12:30:06
@konys.synok:matrix.orgKonys Synok joined the room.13:14:21
10 Jun 2025
@teutat3s:pub.solarteutat3s https://github.com/NixOS/nixpkgs/pull/415625 Fixes CVE-2025-48937 18:05:20
@hexa:lossy.networkhexa K900: https://kde.org/info/security/advisory-20250609-1.txt konsole 23:51:04
@hexa:lossy.networkhexa * K900: https://kde.org/info/security/advisory-20250609-1.txt konsole https://proofnet.de/publikationen/konsole_rce.html 23:51:11
11 Jun 2025
@k900:0upti.meK900
In reply to @hexa:lossy.network
K900: https://kde.org/info/security/advisory-20250609-1.txt konsole
Fixed in 25.04.2 so we should be good everywhere 		06:23:38
@astodialo:matrix.orgelamon joined the room.15:15:32
@saiko:knifepoint.netKatalin 🔪 changed their profile picture.16:11:59
@saiko:knifepoint.netKatalin 🔪 changed their display name from Katalin 🔪 to Katalin ⚧︎.16:13:21
12 Jun 2025
@sugi:matrix.besaid.detokudan changed their profile picture.11:54:22
@stigo:matrix.orgstigoRed Hat just assigned CVEs for these: CVE-2025-5914 CVE-2025-5915 CVE-2025-5916 CVE-2025-5917 CVE-2025-591817:54:47
@stigo:matrix.orgstigo* Red Hat just assigned CVEs for these (in coordination with upstream): CVE-2025-5914 CVE-2025-5915 CVE-2025-5916 CVE-2025-5917 CVE-2025-591817:56:40
@stigo:matrix.orgstigo * Red Hat just recently assigned CVEs for these (in coordination with upstream):
CVE-2025-5914
CVE-2025-5915
CVE-2025-5916
CVE-2025-5917
CVE-2025-5918 		18:02:21
13 Jun 2025
@ma27:nicht-so.sexyma27

https://github.com/NixOS/nixpkgs/pull/416357, grafana 12.0.1+security-01 (fixes CVE-2025-3415).
nothing published yet, so I don't really know what this is about.

about to leave, when I'm back I'll also update the package on 24.11.

07:10:29
@ma27:nicht-so.sexyma27 https://github.com/NixOS/nixpkgs/pull/416418 for 24.11 10:37:25
15 Jun 2025
@c3r5b8:matrix.org@c3r5b8:matrix.org left the room.13:32:29
16 Jun 2025
@adam:robins.wtfadamcstephenshttps://github.com/NixOS/nixpkgs/pull/41724814:06:32
17 Jun 2025
@hexa:lossy.networkhexahttps://insinuator.net/2025/06/disclosure-multiple-vulnerabilities-xserver-xwayland/14:51:36
@hexa:lossy.networkhexa * https://insinuator.net/2025/06/disclosure-multiple-vulnerabilities-xserver-xwayland/ K900 Emantor 14:52:04
@k900:0upti.meK900Woo14:56:19
@k900:0upti.meK900On it14:56:22
@k900:0upti.meK900xwayland: https://github.com/NixOS/nixpkgs/pull/41756815:00:26
@k900:0upti.meK900And xorgserver (staging): https://github.com/NixOS/nixpkgs/pull/41756915:03:29
@hexa:lossy.networkhexahttps://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx unmaintained 😕 22:02:13
@hexa:lossy.networkhexa* https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx unmaintained in nixpkgs 😕 22:02:17
@hexa:lossy.networkhexa

Systems are vulnerable if they use pam_namespace to polyinstantiate a directory

22:02:49

Show newer messages

Back to Room ListRoom Version: 6