| 5 Jun 2026 |
 stigo | https://github.com/NixOS/nixpkgs/pull/528021 <- perl issues | 10:46:52 |
|  Jonas Chevalier left the room. | 11:40:58 |
| 6 Jun 2026 |
 hexa | https://seclists.org/oss-sec/2026/q2/822 freetype | 01:20:35 |
 whispers [& it/fae] | ^ attempt at https://github.com/NixOS/nixpkgs/pull/528652 | 03:54:33 |
 Emil Thorsøe | Can you elaborate on RCE, I see local privilege escalation? | 04:24:23 |
 K900 | I can't read | 07:35:06 |
| 7 Jun 2026 |
 arcayr | i think the apache team figure cve-2026-49975 isn't worth a proper release, so my pr with the debian patches for it is probably going to be it for a while | 02:31:14 |
| arcayr | are we okay to fetchpatch2 from debian directly or would it be preferred to host the patches | 02:31:25 |
| arcayr | i originally hosted them but figured it looks a bit more reliable and legitimate if they're actually from debian, idk | 02:31:57 |
| arcayr | * | 02:32:06 |
| arcayr | * | 02:32:13 |
| hexa | fetchpatch is fine | 02:37:47 |
 vcunat | From Debian you probably fetchurl, as they have it as a *file* in git. | 05:56:37 |
| 9 Jun 2026 |
| hexa | Markus Theil are you doing the openssl updates? and 4.0? | 12:05:38 |
| 10 Jun 2026 |
| arcayr | https://github.com/NixOS/nixpkgs/pull/530173 2.4.67 -> 2.4.68. killed my prev patch. also adds me back to maintainers.nix because nobody else is maintaining apache. | 01:55:05 |
|  Hugo joined the room. | 13:42:05 |
 tgerbet | I already had opened https://github.com/NixOS/nixpkgs/pull/529675 but let's go with your if you had yourself as the maintainer :)
(Also please it's helpful if PRs with security fixes have the security label + the backport labels) | 18:23:34 |
| 11 Jun 2026 |
| arcayr | don't think i could label stuff until now, i tried previously to tag something else as security and couldn't. | 02:30:37 |
| arcayr | guessing it's because i wasn't in the org. | 02:30:41 |
| arcayr | previous apache patch actually is what i tried to tag | 02:30:56 |
 flx | https://github.com/NixOS/nixpkgs/pull/530600 | 05:25:52 |
 Markus Theil | Yes, will do this evening. Sorry, somehow overlooked this. | 09:06:10 |
| hexa | sterni https://kb.cert.org/vuls/id/862559 | 18:42:38 |
| hexa | Redacted or Malformed Event | 18:42:45 |
|  lav joined the room. | 23:50:44 |
| 12 Jun 2026 |
|  Sapii/Saperson changed their display name from Sapii to Sapii/Saperson. | 01:24:28 |
| Markus Theil | OpenSSL PR:
https://github.com/NixOS/nixpkgs/pull/530955
I'm still doing some small smoke tests, like building systemd with it. Will mark as ready when done and ping here. | 07:22:26 |
| Markus Theil | https://github.com/NixOS/nixpkgs/pull/530964 | 07:45:21 |
| Markus Theil | Added another PR for fast path, as mentioned by vcunat. | 07:45:43 |
 dotlambda | I don't have time to look into whether https://github.com/NixOS/nixpkgs/pull/526853 can be backported.
Note that https://github.com/NixOS/nixpkgs/pull/529580 fixes even more CVEs. | 18:51:11 |
