!tPxtoBdChSsxHuBlNW:nixos.org

NixOS Marketing

219 Members
NixOS website + marketing team: https://nixos.org/community/teams/marketing.html49 Servers

Load older messages

SenderMessageTime
10 Sep 2024
@raboof:matrix.orgraboofwe should probably post something about the Nix vulnerability, right? something like "There's a vulnerability in Nix 2.24. If you're using nix from nixpkgs (which the vast majority of users will be), you're still on a safe version. If you recently installed nix using the Determinate Systems installer then you need to double-check. GHSA-h4vv-h3jq-v493 #NixOS #security" (about https://status.determinate.systems/incidents/1js0r53719f4 https://puckipedia.com/7hkj-98sq/qixt)06:49:08
@raboof:matrix.orgraboof * we should probably post something about the Nix vulnerability, right? something like "There's a vulnerability in Nix 2.24. If you're using nix from nixpkgs (which the vast majority of users will be), you're still on a safe version. If you recently installed nix using the Determinate Systems installer then you need to double-check. A fix is expected in version 2.24.6 which is to be released in the morning. GHSA-h4vv-h3jq-v493 #NixOS #security" (about https://status.determinate.systems/incidents/1js0r53719f4 https://puckipedia.com/7hkj-98sq/qixt)06:55:18
@raboof:matrix.orgraboof * we should probably post something about the Nix vulnerability, right? something like "There's a vulnerability in Nix 2.24. If you're using nix from nixpkgs (which the vast majority of users will be), you're still on a safe version. If you recently (after August 1st) installed nix using the Determinate Systems installer then you need to double-check. A fix is expected in version 2.24.6 which is to be released in the morning. GHSA-h4vv-h3jq-v493 #NixOS #security" (about https://status.determinate.systems/incidents/1js0r53719f4 https://puckipedia.com/7hkj-98sq/qixt)06:59:18
@paperdigits:matrix.orgmicaShouldn't DetSys post about their installer?07:03:04
@raboof:matrix.orgraboofYes, they should, but the problem is not in their installer, it's in the released nix versions07:04:10
@raboof:matrix.orgraboof * Yes, they should (and do), but the problem is not in their installer, it's in the released nix versions07:04:24
@raboof:matrix.orgraboof'luckily' (i.e. thanks to the reporters) that version hasn't hit nixpkgs yet, and I'm not aware of other distribution mechanisms that'd have it, but there might be07:06:00
@paperdigits:matrix.orgmicaThe link to puckipedia above 404s since I guess matrix is bad at parsing URLs 07:07:17
@raboof:matrix.orgraboofoh, it works in my client (element-desktop) 😆07:09:57
@raboof:matrix.orgraboof * we should probably post something about the Nix vulnerability, right? something like "There's a vulnerability in Nix 2.24. If you're using nix from nixpkgs (which the vast majority of users will be), you're still on a safe version. If you recently (after August 1st) installed nix using the Determinate Systems installer then you need to double-check. A fix is expected in version 2.24.6 which is to be released soon. GHSA-h4vv-h3jq-v493 #NixOS #security" (about https://status.determinate.systems/incidents/1js0r53719f4 https://puckipedia.com/7hkj-98sq/qixt)07:14:48
@raboof:matrix.orgraboof * we should probably post something about the Nix vulnerability, right? something like "There's a vulnerability in Nix 2.24. If you're using nix from nixpkgs (which the vast majority of users will be), you're still on a safe version. If you recently (after August 1st) installed nix using the nix (not NixOS) installers then you need to double-check. A fix is expected in version 2.24.6 which is to be released soon. GHSA-h4vv-h3jq-v493 #NixOS #security" (about https://status.determinate.systems/incidents/1js0r53719f4 https://puckipedia.com/7hkj-98sq/qixt)07:20:39
@paperdigits:matrix.orgmicaAlso on mastodon they've already retooted you ;)07:20:56
@raboof:matrix.orgraboof * we should probably post something about the Nix vulnerability, right? something like "There's a vulnerability in Nix 2.24. If you're using the regular nix from nixpkgs (which the vast majority of users will be), you're still on a safe version. If you recently (after August 1st) installed nix using the nix (not NixOS) installers, or are using nixVersions.git from nixpkgs, then you need to double-check. A fix is expected in version 2.24.6 which is to be released soon. GHSA-h4vv-h3jq-v493 #NixOS #security" (about https://status.determinate.systems/incidents/1js0r53719f4 https://puckipedia.com/7hkj-98sq/qixt)07:28:32
@raboof:matrix.orgraboofthanks for the feedback (here and in DMs), posted now.07:29:53
@matthewcroughan:defenestrate.itmatthewcroughan changed their display name from matthewcroughan - going to nix.camp to matthewcroughan.15:34:17
@raboof:matrix.orgraboofdo we have any place to share visuals to go with posts? maybe https://github.com/NixOS/nixos-artwork/pull/135 would be a suitable place?17:26:49
12 Sep 2024
@fricklerhandwerk:matrix.orgfricklerhandwerkHere's a EU survey about the planned cut of NGI funding for next year, where EU citizens and organisations can respond: https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/13880-Digital-Europe-programme-interim-evaluation/public-consultation_en It's still open until 2024-09-20. Would be great if we could notify our audience about it, since the NGI grants are a major resource for the Nix ecosystem. This relates to the open letter the NGI0 consortium has published in July: https://nixos.org/blog/announcements/2024/letter/16:01:38
@qyliss:fairydust.spaceAlyssa RossAccording to NLnet this is not about NGI funding: https://social.nlnet.nl/@nlnet/statuses/01J7GR5TNX28F9VRXTMZSKQHEH16:13:46
@qyliss:fairydust.spaceAlyssa Ross(Still seems like a good idea to fill it in)16:14:08
@fricklerhandwerk:matrix.orgfricklerhandwerk
In reply to @qyliss:fairydust.space
According to NLnet this is not about NGI funding: https://social.nlnet.nl/@nlnet/statuses/01J7GR5TNX28F9VRXTMZSKQHEH
Ah indeed. I was already confused about the unfamiliar wording. Thanks for the clarificaton Alyssa Ross 		16:37:38
@fricklerhandwerk:matrix.orgfricklerhandwerk
In reply to @qyliss:fairydust.space
According to NLnet this is not about NGI funding: https://social.nlnet.nl/@nlnet/statuses/01J7GR5TNX28F9VRXTMZSKQHEH
* Ah indeed. I was already confused about the unfamiliar wording. Thanks for the clarification Alyssa Ross 		16:37:42
14 Sep 2024
@ss:someonex.netSomeoneSerge (utc+3) changed their display name from SomeoneSerge (nix.camp) to SomeoneSerge (utc+3).11:37:40
16 Sep 2024
@lassulus:lassul.uslassulus raboof thilobillerbeck (avocadoom) : it would be nice of one of you could merge the election announcement: https://github.com/NixOS/nixos-homepage/pull/1546 17:48:31
@avocadoom:avocadoom.dethilobillerbeck (avocadoom)done18:39:10
@infinisil:matrix.orginfinisil

raboof: Can you queue social media posts? Perhaps

As a first step towards a better governance for official Nix projects, we are happy to announce the kick-off of the first Nix Steering Committee election! https://discourse.nixos.org/t/nix-steering-committee-election-2024/52232

18:40:40
@silentlurker:matrix.orgsilentlurker joined the room.20:01:59
@raboof:matrix.orgraboofpost-election.png
Download post-election.png		21:35:56
@raboof:matrix.orgraboofScheduled for 09:00 Europe/Ljubljana time on Linkedin, Mastodon and X21:35:58
@infinisil:matrix.orginfinisil

@raboof:matrix.org Damn, fancy! Thanks!

23:09:15
17 Sep 2024
@raboof:matrix.orgraboofhttps://chaos.social/@nixos_org/113151600483470714 - people are reading things into the hand signs it seems - I propose I'll remove the 'ok' hand sign if I ever do another elections post but leave this one like this08:31:22

Show newer messages

Back to Room ListRoom Version: 6