!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

747 Members
Coordination and triage of security issues in nixpkgs231 Servers

Load older messages

SenderMessageTime
19 May 2026
@hexa:lossy.networkhexaRedacted or Malformed Event14:54:44
@k900:0upti.meK900 At this point they're very clearly drip feeding the shit they found 14:54:55
@k900:0upti.meK900As an ad for their LLM shit14:55:08
@hexa:lossy.networkhexayou can, but there is no expectation of responsible disclosure anymore for linux lpe14:55:15
@hexa:lossy.networkhexaRedacted or Malformed Event14:55:17
@hexa:lossy.networkhexaso I'm going back to say defense in depth14:55:35
@k900:0upti.meK900 At least have the common decency to drop everything you've found at the same time 14:55:36
@hexa:lossy.networkhexaRedacted or Malformed Event14:55:39
@hexa:lossy.networkhexaRedacted or Malformed Event14:55:42
@k900:0upti.meK900 So people don't have to run back to patch their systems every other day 14:55:44
@nina.fromm:cyberus-technology.deNina FrommBut that'd be bad for marketing ☝️14:55:59
@hexa:lossy.networkhexa back to #security-discuss:nixos.org, there is nothing to triage here 14:56:53
@grimmauld:m.grimmauld.deGrimmauld (any/all) Ah oops, that didn't show up in PR search at all and also is older than the gimp release (was updated after it was opened), sorry 14:57:13
@todoqki:matrix.orgtodo joined the room.15:41:37
@sandro:supersandro.deSandroBut it isn't even Friday :(20:23:49
@hexa:lossy.networkhexakitty https://db.gcve.eu/vuln/cve-2026-3364220:48:18
@amadaluzia:4d2.orgamadaluzia changed their profile picture.20:56:44
20 May 2026
@hexa:lossy.networkhexahttps://www.drupal.org/psa-2026-05-18 today08:33:03
@hexa:lossy.networkhexa unbound https://nlnetlabs.nl/news/2026/May/20/unbound-1.25.1-released/ Scrumplex 09:31:13
@hexa:lossy.networkhexa rsync https://seclists.org/oss-sec/2026/q2/620 balsoft dish [Fox/It/She] 09:31:51
@pyrox:pyrox.devdish [Fox/It/She]
In reply to @hexa:lossy.network
rsync https://seclists.org/oss-sec/2026/q2/620 balsoft dish [Fox/It/She]
working on an update now 		12:32:57
@pyrox:pyrox.devdish [Fox/It/She] https://github.com/NixOS/nixpkgs/pull/522245 13:48:57
@pyrox:pyrox.devdish [Fox/It/She]

https://w.on-t.work/activitypub/may-2026-vulnerability

seems like most activitypub servers may have security releases

14:23:00
@hexa:lossy.networkhexa https://seclists.org/oss-sec/2026/q2/630 apparmor Grimmauld (any/all) 16:47:59
@hexa:lossy.networkhexa https://seclists.org/oss-sec/2026/q2/626 pdns Mic92 16:48:39
@hexa:lossy.networkhexahttps://seclists.org/oss-sec/2026/q2/625 bind9 (unmaintained)16:48:56
@joerg:thalheim.ioMic92I am not even using pdns.18:33:52
@joerg:thalheim.ioMic92Just a nix-update should be enough on this18:34:33
@leona:leona.isleonabut you are listed as maintainer.18:34:35
@joerg:thalheim.ioMic92I will fix that part18:43:23

Show newer messages

Back to Room ListRoom Version: 6