| 10 Sep 2024 |
 hexa | https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240910 | 18:36:19 |
| 11 Sep 2024 |
| hexa | https://curl.se/docs/CVE-2024-8096.html | 12:35:28 |
| hexa | * https://curl.se/docs/CVE-2024-8096.html curl w/ gnutls | 12:35:50 |
 K900 | Steam no longer affected :P | 12:36:18 |
|  nyanbinary left the room. | 15:29:00 |
| 13 Sep 2024 |
|  tlaurion aka Insurgo [ Timezone: ET ] changed their display name from tlaurion aka Insurgo [UTC-4] (expect delays in answers) to tlaurion aka Insurgo [UTC-4] (expect long delays in answers). | 03:45:37 |
 cafkafk | is this known https://about.gitlab.com/releases/2024/09/11/patch-release-gitlab-17-3-2-released/, can't find any pr/issue on it, and as far as I can tell gitlab and gitlab-ee is affected | 05:39:49 |
| cafkafk | * is this known https://about.gitlab.com/releases/2024/09/11/patch-release-gitlab-17-3-2-released/, can't find any pr/issue on it, and as far as I can tell gitlab and gitlab-ee is affected (nvm, found https://github.com/NixOS/nixpkgs/pull/341398, I'm just blind) | 06:01:10 |
 aidalgol | In reply to @k900:0upti.me
Steam no longer affected :P Because of the recent PR that removed a ton of optional dependencies, or something else? | 20:06:56 |
| K900 | In reply to @aidalgol:matrix.org
Because of the recent PR that removed a ton of optional dependencies, or something else? Because of another recent PR replacing curlWithGnuTls with just curl | 20:21:53 |
| 14 Sep 2024 |
|  SomeoneSerge (back on matrix) changed their display name from SomeoneSerge (nix.camp) to SomeoneSerge (utc+3). | 11:38:19 |
| tlaurion aka Insurgo [ Timezone: ET ] changed their display name from tlaurion aka Insurgo [UTC-4] (expect long delays in answers) to tlaurion aka Insurgo [UTC-4] (🛫🗺️🛬: Back 2024-10-01)). | 19:38:51 |
| tlaurion aka Insurgo [ Timezone: ET ] changed their display name from tlaurion aka Insurgo [UTC-4] (🛫🗺️🛬: Back 2024-10-01)) to tlaurion aka Insurgo [UTC-4] (🛫🗺️🛬: Back 2024-10-01). | 19:40:33 |
| 15 Sep 2024 |
|  @amythegay:161.rocks changed their display name from amy to amy (Old). | 10:04:42 |
| @amythegay:161.rocks left the room. | 14:22:36 |
| 16 Sep 2024 |
|  silentlurker joined the room. | 20:00:41 |
|  Alison Jenkins set a profile picture. | 20:21:01 |
| Alison Jenkins changed their profile picture. | 20:21:09 |
| 17 Sep 2024 |
|  lassulus changed their profile picture. | 14:38:28 |
|  Tom (deprecated) joined the room. | 21:04:04 |
| 18 Sep 2024 |
 yaya | GitLab is open again, I'm on it. | 10:15:32 |
| yaya | * GitLab is open again, I'm on it.
EDIT: Opened #342765
| 10:42:33 |
 Fabián Heredia | https://www.tenable.com/cve/CVE-2024-40896
Critical CVSSv3 of 9.7 on libxml2
https://gitlab.gnome.org/GNOME/libxml2/-/issues/761
Currently reserved in MITRE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40896
https://github.com/NixOS/nixpkgs/pull/342895 | 22:41:48 |
| Fabián Heredia | Scored as
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
According to the first link | 22:42:37 |
| Fabián Heredia | Seems not as critital, mentions that it depends on very specific usage of the library by downstream code | 22:59:24 |
| 19 Sep 2024 |
 adamcstephens | envoy is publishing a series of security updates for all their supported releases. i'm starting on 1.30.6 which is in 24.05. i assume they'll publish a 1.31.2 which would be needed for unstable https://github.com/envoyproxy/envoy/releases/tag/v1.30.6 | 21:00:16 |
| adamcstephens | I'll probably be out when the 1.31 release drops, but will get to it later this evening if lukegb (he/him) hasn't | 21:06:52 |
| 21 Sep 2024 |
|  ·☽•Nameless☆•777 · ± changed their profile picture. | 18:21:42 |
| 22 Sep 2024 |
|  @rootname:matrix.org left the room. | 10:56:38 |
|  implr left the room. | 18:28:59 |
