!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

754 Members
Coordination and triage of security issues in nixpkgs234 Servers

Load older messages

SenderMessageTime
9 Jun 2026
@hexa:lossy.networkhexa Markus Theil are you doing the openssl updates? and 4.0? 12:05:38
10 Jun 2026
@arcayr:mischief.expertarcayrhttps://github.com/NixOS/nixpkgs/pull/530173 2.4.67 -> 2.4.68. killed my prev patch. also adds me back to maintainers.nix because nobody else is maintaining apache.01:55:05
@hugo:okeso.euHugo joined the room.13:42:05
@tgerbet:matrix.orgtgerbetI already had opened https://github.com/NixOS/nixpkgs/pull/529675 but let's go with your if you had yourself as the maintainer :) (Also please it's helpful if PRs with security fixes have the security label + the backport labels)18:23:34
11 Jun 2026
@arcayr:mischief.expertarcayrdon't think i could label stuff until now, i tried previously to tag something else as security and couldn't.02:30:37
@arcayr:mischief.expertarcayrguessing it's because i wasn't in the org.02:30:41
@arcayr:mischief.expertarcayrprevious apache patch actually is what i tried to tag02:30:56
@flx-:matrix.orgflxhttps://github.com/NixOS/nixpkgs/pull/53060005:25:52
@markus.theil:factory.secunet.comMarkus TheilYes, will do this evening. Sorry, somehow overlooked this.09:06:10
@hexa:lossy.networkhexa sterni https://kb.cert.org/vuls/id/862559 18:42:38
@hexa:lossy.networkhexaRedacted or Malformed Event18:42:45
@lav:xmr.selav joined the room.23:50:44
12 Jun 2026
@opandddd:matrix.orgSapii/Saperson changed their display name from Sapii to Sapii/Saperson.01:24:28
@markus.theil:factory.secunet.comMarkus TheilOpenSSL PR: https://github.com/NixOS/nixpkgs/pull/530955 I'm still doing some small smoke tests, like building systemd with it. Will mark as ready when done and ping here.07:22:26
@markus.theil:factory.secunet.comMarkus Theilhttps://github.com/NixOS/nixpkgs/pull/53096407:45:21
@markus.theil:factory.secunet.comMarkus Theil Added another PR for fast path, as mentioned by vcunat. 07:45:43
@robert:funklause.dedotlambdaI don't have time to look into whether https://github.com/NixOS/nixpkgs/pull/526853 can be backported. Note that https://github.com/NixOS/nixpkgs/pull/529580 fixes even more CVEs.18:51:11
14 Jun 2026
@aangularframework:matrix.org@aangularframework:matrix.org left the room.15:49:02
@nick-linux8:mozilla.orgNick joined the room.16:20:16
@nick-linux8:mozilla.orgNickFixes critical CVE in perl package https://github.com/NixOS/nixpkgs/pull/53180923:22:54
@hexa:lossy.networkhexaperl maintainers have been requested23:45:14
15 Jun 2026
@stigo:matrix.orgstigoCritical is probably pushing it a bit, that CVSS score comes from CISA btw12:16:46
@tcllama:matrix.orgtcllama joined the room.18:39:14
19 May 2021
@grahamc:nixos.org@grahamc:nixos.org set the history visibility to "world_readable".22:57:54
@grahamc:nixos.org@grahamc:nixos.org changed the room name to "" from "".22:57:54
@andreas.schraegle:helsinki-systems.deajs124 joined the room.22:58:46
@andi:kack.itandi- joined the room.23:00:51
@hexa:lossy.networkhexa joined the room.23:01:24
@sushi_dude:matrix.orgSushi Dude joined the room.23:04:45
@0x4a6f:matrix.org[0x4A6F] joined the room.23:04:54

Show newer messages

Back to Room ListRoom Version: 6