| 27 Jun 2025 |
 h0nig2k | you are right, i was not aware of the backport, thx! | 18:05:15 |
 hexa | https://www.libssh.org/2025/06/24/libssh-0-11-2-security-and-bugfix-release/ https://github.com/NixOS/nixpkgs/pull/419747 | 20:22:31 |
| 28 Jun 2025 |
 Grimmauld (any/all) | https://github.com/advisories/GHSA-c2mm-9c32-xc37
https://github.com/NixOS/nixpkgs/pull/413267
cc primeos | 15:08:20 |
| Grimmauld (any/all) | according to repology, perl also has an update for security, though i am too unfamiliar with our perl to judge whether we already patched it or not | 15:18:33 |
 tgerbet | Yep it is, was done in https://github.com/NixOS/nixpkgs/pull/398359 | 15:21:20 |
 stigo | nixpkgs was one of the first distros to get patched, and our security team has been added to the pre-release disclosure list for perl-security since then | 17:11:55 |
| 30 Jun 2025 |
| Grimmauld (any/all) | libxml2 (cc Jan Tojnar i guess...):
https://github.com/NixOS/nixpkgs/pull/418280
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.14.4
https://access.redhat.com/security/cve/CVE-2025-6021 | 09:10:26 |
| Grimmauld (any/all) | * libxml2 (cc Jan Tojnar i guess...):
https://github.com/NixOS/nixpkgs/pull/418280
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.14.4
https://access.redhat.com/security/cve/CVE-2025-6021
(apparently our bump to tip-of-branch got lucky and includes the cve fix, oh well) | 09:16:24 |
 bwlf | https://www.openwall.com/lists/oss-security/2025/06/30/3 https://www.openwall.com/lists/oss-security/2025/06/30/2
| 16:32:22 |
|  dan_nrw changed their profile picture. | 17:16:27 |
| dan_nrw changed their profile picture. | 17:17:27 |
| tgerbet | https://github.com/NixOS/nixpkgs/pull/421314 | 19:31:01 |
| h0nig2k | python setuptools CVE 7.7 (only 25.05): https://github.com/NixOS/nixpkgs/pull/421343 | 21:18:40 |
| h0nig2k | * python setuptools CVE 7.7 (only 25.05): https://github.com/NixOS/nixpkgs/pull/421350 | 21:48:50 |
| 1 Jul 2025 |
|  djacu joined the room. | 03:29:06 |
