!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

748 Members
Coordination and triage of security issues in nixpkgs231 Servers

Load older messages

SenderMessageTime
6 Jul 2021
@obfusk:matrix.org幸猫 (𝗍𝗁𝖾𝗒/𝗍𝗁𝖾𝗆) changed their display name from 幸猫 (π‘‘β„Žπ‘’π‘¦/π‘‘β„Žπ‘’π‘š) to 幸猫 (𝗍𝗁𝖾𝗒/𝗍𝗁𝖾𝗆).22:40:30
7 Jul 2021
@quantumghost:matrix.orgquantumghost joined the room.03:58:19
@lassulus:nixos.devlassulus joined the room.08:12:31
@stefandeml:matrix.orgstefandeml joined the room.08:25:55
@red:evil.redredFYI: I found an exploitable bug in the ponyc compiler which allowed an attacker to do silently(ish) bypass ponyc's supply chain attack defenses. It got fixed within a few hours and a new version of the compiler has been released. I'm testing the new nixpkgs package for it and will tag it with security when I get the PR up.17:56:20
@red:evil.redredThere is no assigned CVE or anything, didn't seem like any point since they fixed it within an hour :-P{17:57:45
@red:evil.redred * There is no assigned CVE or anything, didn't seem like any point since they fixed it within an hour :-P17:57:50
@red:evil.redredalthough now that I've said that out loud I'm doubting myself...17:58:33
@red:evil.redredsince a CVE notification is useful for people to know to update17:58:54
@stigo:matrix.orgstigo joined the room.18:08:37
@leo60228:matrix.orgleo60228 joined the room.18:25:09
@leo60228:matrix.orgleo60228it was mentioned on /r/nixos that the gpg keys on https://nixos.org/community/teams/security.html are expired18:25:46
@leo60228:matrix.orgleo60228i feel like this is probably bad?18:25:59
@stigo:matrix.orgstigo
In reply to @leo60228:matrix.org
i feel like this is probably bad?
grahamc (he/him): ^^ 		18:37:30
@grahamc:nixos.org@grahamc:nixos.orgah good to know, I'll update18:40:57
@grahamc:nixos.org@grahamc:nixos.orgbut also, I can't wait to get rid of myGPG key18:40:59
@roosemberth:orbstheorem.chRoosWhat would you be replacing it with?18:46:31
@grahamc:nixos.org@grahamc:nixos.organything 😭19:02:08
@sandro:supersandro.deSandroCan I fax it to you?19:11:28
@roosemberth:orbstheorem.chRoos:(19:16:57
@red:evil.redredbut GPG loves you graham19:32:15
@grahamc:nixos.org@grahamc:nixos.orgyes I'll accept fax19:36:12
8 Jul 2021
@_xmpp_julm=40sourcephile.fr:matrix.orgjulm left the room.13:16:41
@_xmpp_julm=40sourcephile.fr:matrix.orgjulm joined the room.14:46:37
@_xmpp_julm=40sourcephile.fr:matrix.orgjulm left the room.16:21:49
@_xmpp_julm=40sourcephile.fr:matrix.orgjulm joined the room.16:27:50
@_xmpp_julm=40sourcephile.fr:matrix.orgjulm left the room.17:56:10
@_xmpp_julm=40sourcephile.fr:matrix.orgjulm joined the room.18:51:00
9 Jul 2021
@1legend:envs.netlegend joined the room.00:49:33
@1legend:envs.netlegend left the room.02:17:16

Show newer messages

Back to Room ListRoom Version: 6