| 22 Aug 2024 |
 hexa | enjoy | 20:56:30 |
| 24 Aug 2024 |
|  cafkafk changed their profile picture. | 07:02:16 |
|  @adbjesus:matrix.org left the room. | 15:53:46 |
| 25 Aug 2024 |
 ris_ | https://github.com/NixOS/nixpkgs/pull/274965 | 17:21:31 |
| 27 Aug 2024 |
 Markus Theil | New OpenSSL versions incoming in September. Fixes unclear.
The OpenSSL project team would like to announce the upcoming release of
OpenSSL versions 3.3.2, 3.2.3, 3.1.7 and 3.0.15.
These are security-fix releases. The highest severity issue fixed in
each of these four releases is Moderate:
https://openssl-library.org/policies/general/security-policy/
We will be also releasing extended support OpenSSL versions
1.1.1za and 1.0.2zk which will be available to premium support
customers.
These are also security-fix releases. The highest severity issue fixed
in each of these two releases is Low:
https://openssl-library.org/policies/general/security-policy/
These releases will be made available on Tuesday 3rd September 2024
between 1300-1700 UTC.
Yours
The OpenSSL Project Team
| 19:00:37 |
| ris_ | lots of fun presents in the security review queue | 20:22:00 |
| 28 Aug 2024 |
|  Kerstin (she/her) changed their display name from kerstin to Kerstin (she/her). | 13:21:37 |
| 1 Sep 2024 |
|  @zzantares:matrix.org removed their display name Hamlet'sPiedPlumber. | 19:19:29 |
| @zzantares:matrix.org left the room. | 19:19:50 |
| 2 Sep 2024 |
 Sandro 🐧 | https://github.com/hedgedoc/hedgedoc/releases/tag/1.10.0
https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-pjf2-269h-cx7p | 15:02:03 |
| 3 Sep 2024 |
| Markus Theil | OpenSSL relesed today: https://github.com/openssl/openssl/blob/openssl-3.3/CHANGES.md#changes-between-331-and-332-3-sep-2024 | 18:45:49 |
| Markus Theil | I'll probably open a PR with some more Cleanups tomorrow (e.g. OpenSSL now only uses Github-Releases). | 18:46:17 |
| Markus Theil | I'd also like to test if we can default to the latest OpenSSL version in 24.11 (currently 3.3). Arch Linux already does this. I don't know what will break, but would like to see some issues and revert, if I/we can't handle this timely. | 18:48:26 |
| Markus Theil | * I'd also like to test if we can default to the latest OpenSSL version in 24.11 (currently 3.3). Arch Linux already does this. I don't know what will break, but would like to see some issues first and revert, if I/we can't handle this timely. | 18:48:46 |
| Markus Theil | * I'd also like to test if we can default to the latest OpenSSL version in 24.11 (currently 3.3). Arch Linux already does this. I don't know what will break, but would like to see some issues first and revert the default back to 3.0.x, if I/we can't handle this timely. | 18:49:35 |
 emily | In reply to @mtheil:scs.ems.host
I'd also like to test if we can default to the latest OpenSSL version in 24.11 (currently 3.3). Arch Linux already does this. I don't know what will break, but would like to see some issues first and revert the default back to 3.0.x, if I/we can't handle this timely. will response to this in #security-discuss:nixos.org | 18:58:02 |
| emily | In reply to @mtheil:scs.ems.host
I'd also like to test if we can default to the latest OpenSSL version in 24.11 (currently 3.3). Arch Linux already does this. I don't know what will break, but would like to see some issues first and revert the default back to 3.0.x, if I/we can't handle this timely. * will respond to this in #security-discuss:nixos.org | 18:58:07 |
| emily | * responded in https://matrix.to/#/!NBBFPbiuttRgTqbrcY:nixos.org/$jYyvEStvrMgr0KMalxi0xegBNvl2mQuzaQ-W49tMM70?via=nixos.org&via=matrix.org&via=nixos.dev | 18:59:37 |
| 4 Sep 2024 |
 K900 | What | 12:48:23 |
| emily | (am I missing something?) | 15:45:44 |
|  tlaurion aka Insurgo [ Timezone: ET ] changed their display name from tlaurion aka Insurgo [UTC-4] to tlaurion aka Insurgo [UTC-4] (expect delays in answers). | 20:32:11 |
|  SomeoneSerge (back on matrix) changed their display name from SomeoneSerge (UTC+3) to SomeoneSerge (nix.camp). | 21:49:21 |
| 5 Sep 2024 |
|  @necoarc:transfem.dev joined the room. | 03:38:58 |
| @necoarc:transfem.dev removed their display name Neco-Arc. | 03:49:32 |
| @necoarc:transfem.dev removed their profile picture. | 03:49:32 |
| @necoarc:transfem.dev left the room. | 03:49:32 |
| hexa | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45506 | 16:23:24 |
| hexa | * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45506 haproxy | 16:23:28 |
| hexa | I'm bumping release-24.05 to 2.9.10, can someone take master. i have to run | 16:23:48 |
| hexa | https://github.com/NixOS/nixpkgs/pull/339840 | 16:25:27 |
