| 20 May 2025 |
 emily | https://github.com/NixOS/nixpkgs/pull/409063 https://github.com/NixOS/nixpkgs/pull/409064 | 13:12:40 |
| emily | "Patches to fix CVE-2017-12921 and CVE-2017-12925 and possibly CVE-2017-12920." always a good time when the changelog isn't even sure they fixed the CVE | 13:13:06 |
 hexa | this is imagemagick, you can always assume a vulnerability lingering | 13:16:33 |
| emily | (fixed aliases merge conflict 🙃) | 13:24:32 |
| hexa | https://www.openwall.com/lists/oss-security/2025/05/20/2 openvpn | 15:30:00 |
| hexa |
All versions from v20 through v24 are affected. This has been resolved
in OpenVPN 3 Linux v24.1.
| 15:30:15 |
| hexa | nix-repl> :p openvpn3.version
24
| 15:30:30 |
 tgerbet | https://github.com/NixOS/nixpkgs/pull/409119 | 16:37:41 |
| 21 May 2025 |
 Zhaofeng Li | libarchive: https://github.com/NixOS/nixpkgs/pull/409300
https://github.com/libarchive/libarchive/releases/tag/v3.8.0
Security fixes mixed with new features, no CVEs assigned as far as I can tell | 06:46:07 |
 stigo | I've pinged Red Hat about it, hopefully they will get CVEs fixed | 10:26:12 |
| stigo | (MITRE takes ages to repond) | 10:28:23 |
|  oddlama changed their display name from Malte to oddlama. | 17:42:18 |
