| 30 Apr 2026 |
 vcunat | (I can have a look later to update.) | 07:34:44 |
| vcunat | I don't see this mentioned in nixpkgs issues+PRs yet:
https://copy.fail | 08:17:44 |
| vcunat | (kernel, CVE-2026-31431) | 08:18:01 |
 leona | it's discussed heavly over in #security-discuss:nixos.org | 08:18:05 |
| leona | (we wait for the 6.12 release, greg will do sometime today likely) | 08:18:20 |
| vcunat | https://github.com/NixOS/nixpkgs/pull/515016 | 09:20:14 |
|  autra joined the room. | 10:20:43 |
| autra | I'm not on the ML, but I could reproduce the copy.fail issue | 10:36:45 |
 hexa | #security-discuss:nixos.org | 10:38:54 |
| hexa | Redacted or Malformed Event | 10:39:06 |
 Fernando Rodrigues | * | 10:58:37 |
|  @enzime:nixos.dev joined the room. | 12:52:46 |
| @enzime:nixos.dev | hexa could you take a look at this PR? it removes DHE from nginx: https://github.com/NixOS/nixpkgs/pull/515057 | 12:54:04 |
| hexa | we're in breaking changes freeze unfortunately | 12:54:31 |
| hexa | Redacted or Malformed Event | 12:54:41 |
| @enzime:nixos.dev | In reply to @hexa:lossy.network
we're in breaking changes freeze unfortunately, so removing the option now is not ok. should we merge the first commit now? | 12:56:37 |
| @enzime:nixos.dev | and then leave the dropping the NixOS option till after the freeze? | 12:56:59 |
| @enzime:nixos.dev | * and then leave dropping the NixOS option till after the freeze? | 12:57:05 |
| hexa | DHE will only be used with dhparams anyway, so I hoped the warning would be sufficient | 12:59:03 |
| @enzime:nixos.dev | just investigated further, it doesn't matter if the first commit is merged now as nginx will just disable DHE if DH params are not configured https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_dhparam | 13:22:10 |
|  @hxr404:tchncs.de left the room. | 13:40:15 |
|  Vinetos joined the room. | 13:47:34 |
 Samuel Dionne-Riel | https://github.com/NixOS/nixpkgs/pull/514603 | 16:01:44 |
| 1 May 2026 |
| leona | https://gstreamer.freedesktop.org/ 1.28.2 fixes a few high score vulnerabilities.
We already have an open PR but it’s not ready and we are on an unsupported version
| 06:41:45 |
| @enzime:nixos.dev left the room. | 06:44:02 |
| 4 May 2026 |
|  AnnoyingRains changed their profile picture. | 02:36:04 |
| 2 May 2026 |
|  Tom changed their profile picture. | 18:41:12 |
| 3 May 2026 |
| AnnoyingRains changed their profile picture. | 13:02:39 |
 Mic92 | https://github.com/NixOS/nixpkgs/pull/516109 vaultwarden | 13:33:05 |
| 6 May 2026 |
 arcayr | https://github.com/NixOS/nixpkgs/pull/517132 apacheHttpd 2.4.66 -> 2.4.67 fixing cve-2026-23918 - https://httpd.apache.org/security/vulnerabilities_24.html / https://www.cve.org/CVERecord?id=CVE-2026-23918 | 04:52:22 |
