!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

749 Members
Coordination and triage of security issues in nixpkgs234 Servers

Load older messages

SenderMessageTime
23 May 2026
@jkarlson:kapsi.fiEmil Thorsøeoh failed status checks08:22:32
@leona:leona.isleonanah, GHA currently has problems that the merge queue checks run into authentication errors (401). So I would say trying again is the best way08:26:22
@whitefish:stratum0.orgwhitefish set a profile picture.09:26:14
@whitefish:stratum0.orgwhitefish changed their profile picture.09:26:32
@whitefish:stratum0.orgwhitefish removed their profile picture.09:26:43
@bart:bartoostveen.nlBart this would be nice to have before the branch-off, is it normal that nixosTests.simple fails on aarch64-linux? 11:44:10
@k900:0upti.meK900 No, it's not 11:44:36
@bart:bartoostveen.nlBart 
2026-05-21T10:11:31.1167956Z building '/nix/store/2df91q1qz53f8z69qi3gz5fnh1j41njl-driverConfiguration.json.drv'...
2026-05-21T10:11:31.1463470Z error: Cannot build '/nix/store/nkf1wmyw5s38msfhm6wyy2asa5a8v9ij-vm-test-run-simple.drv'.
2026-05-21T10:11:31.1464099Z        Reason: missing system features
2026-05-21T10:11:31.1464431Z        Required features: {kvm, nixos-test}
2026-05-21T10:11:31.1464848Z        Available features: {benchmark, big-parallel, nixos-test, uid-range}

Ah, that was just them not being able to run on GHA, makes sense

11:47:15
@bart:bartoostveen.nlBartIn that case it looks ready to me, but can anyone running on arm test this?11:47:57
@grimmauld:m.grimmauld.deGrimmauld (any/all)started a build for passthru tests and nixosTests.simple on my shitty builder, will give you the results after lunch unless someone else is faster with a better builder11:50:55
@hexa:lossy.networkhexaif simple is missing for you, it was renamed to simple-vm11:51:41
@grimmauld:m.grimmauld.deGrimmauld (any/all)Also oops this is triage11:51:54
@freshreplicant:matrix.orgfreshreplicant joined the room.15:19:55
24 May 2026
@unnz43yn:matrix.org@unnz43yn:matrix.org left the room.05:32:00
25 May 2026
@vcunat:matrix.orgvcunatfreetype for 25.11 situation seems untriaged so far: https://github.com/NixOS/nixpkgs/pull/516047#pullrequestreview-430531859712:54:25
@vcunat:matrix.orgvcunat * freetype for NixOS 25.11 situation seems untriaged so far:
https://github.com/NixOS/nixpkgs/pull/516047#pullrequestreview-4305318597 		12:54:35
26 May 2026
@nam3l33ss:matrix.org·☽•Nameless☆•777 · ± changed their profile picture.05:41:36
@flx-:matrix.orgflxhttps://github.com/NixOS/nixpkgs/pull/52305207:08:13
@hexa:lossy.networkhexahttps://badhost.org/11:00:41
@hexa:lossy.networkhexaRedacted or Malformed Event11:00:43
@hexa:lossy.networkhexahttps://github.com/NixOS/nixpkgs/pull/52441211:11:28
@phanirithvij:matrix.orgphanirithvij changed their display name from loudgolem to phanirithvij.11:40:59
28 May 2026
@kuflierl:matrix.orgkuflierlRedacted or Malformed Event09:13:17
@kuflierl:matrix.orgkuflierl * Libheif https://github.com/NixOS/nixpkgs/pull/522835 11:20:41
@kuflierl:matrix.orgkuflierl

Libheif
CVE-2026-32738 (GHSA-7f2h-cmpf-v9ww), CVE-2026-32739 (GHSA-j9g7-q9hv-gq8c), CVE-2026-32740 (GHSA-frfr-f3vg-2g6j), CVE-2026-32741 (GHSA-j3w5-7whq-p37q), CVE-2026-32814 (GHSA-4m8r-34pg-rvwc), CVE-2026-32882 (GHSA-hg7q-rjr2-8x46), CVE-2026-41069 (GHSA-p82x-fpmv-576r), CVE-2026-41071 (GHSA-xj92-xjff-h8w3), CVE-2026-47178 (GHSA-5x55-x5pf-9c6g), CVE-2026-47247 (GHSA-2vh6-whr3-cmq3), CVE-2026-47251 (GHSA-p6q9-fhf2-vj9v), CVE-2026-47254 (GHSA-wqjg-4x9g-6cvg), CVE-2026-47709 (GHSA-4h72-vqgp-9376), CVE-2026-47714 (GHSA-h4wm-6wwf-qvhx), CVE-2026-48029 (GHSA-6x5f-qchq-cxqv), (GHSA-95jx-g5vf-cpp8),(GHSA-p4r6-6972-g26m), (GHSA-jh2w-m72q-q595), (GHSA-9h96-c44j-jpq9)

https://github.com/NixOS/nixpkgs/pull/522835

18:08:53
@k900:0upti.meK900 https://blog.rust-lang.org/2026/05/28/Rust-1.96.0/ Cargo security-ish 19:58:04
@whispers:catgirl.cloudwhispers [& it/fae] https://github.com/NixOS/nixpkgs/pull/525279 is the update for unstable
https://github.com/NixOS/nixpkgs/pull/524640 is the backport to staging-26.05 and is already merged 		20:22:31
@whispers:catgirl.cloudwhispers [& it/fae]* https://github.com/NixOS/nixpkgs/pull/525279 is the update for unstable https://github.com/NixOS/nixpkgs/pull/524640 is the patches picked to staging-26.05 and is already merged20:22:42
@whispers:catgirl.cloudwhispers [& it/fae]* https://github.com/NixOS/nixpkgs/pull/525279 is the update for unstable https://github.com/NixOS/nixpkgs/pull/524640 is the patches picked to staging-26.05 and is already merged it can't make it to 25.11 (no more staging-next-25.11) and i definitely don't think it's a big enough deal to restart a bunch of the current one20:23:34
@whispers:catgirl.cloudwhispers [& it/fae]* https://github.com/NixOS/nixpkgs/pull/525279 is the update for unstable https://github.com/NixOS/nixpkgs/pull/524640 is the patches picked to staging-26.05 and is already merged it can't make it to 25.11 (no more staging-next-25.11 and i definitely don't think it's a big enough deal to restart a bunch of the current one)20:24:53

Show newer messages

Back to Room ListRoom Version: 6