!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

680 Members
Coordination and triage of security issues in nixpkgs212 Servers

Load older messages

SenderMessageTime
14 Aug 2024
@sandro:supersandro.deSandrohttps://github.com/containers/bubblewrap/releases/tag/v0.10.019:23:29
@sandro:supersandro.deSandrodoing one combined PR right now19:26:26
@sandro:supersandro.deSandrohttps://github.com/NixOS/nixpkgs/pull/33470119:33:13
15 Aug 2024
@teutat3s:pub.solarteutat3shttps://github.com/NixOS/nixpkgs/pull/320479 just stumbled over this one, open since 2024-06-17.07:43:32
@amythegay:161.rocks@amythegay:161.rocks joined the room.16:38:16
@jblackwell:matrix.orgjblackwell joined the room.19:50:28
16 Aug 2024
@shortcutz:matrix.orgshortcutz joined the room.10:09:47
@philiptaron:matrix.orgPhilip Taron (UTC-8)https://github.com/NixOS/nixpkgs/pull/335213 -- I'm security dumb with regard to nixpkgs process. I'm merging this into staging, but the PR author requests that it go to stable.23:38:59
@emilazy:matrix.orgemily that's tgerbet :) 23:40:30
@emilazy:matrix.orgemilyadd the staging-24.05 backport tag? though I guess it might need manual intervention if he's done it this way23:40:37
@emilazy:matrix.orgemily(… why does Vim have to go to staging??)23:40:58
@philiptaron:matrix.orgPhilip Taron (UTC-8)I read the security advisories and they are not related to xxd, which is why this has the rebuild count that it does.23:41:00
@emilazy:matrix.orgemilyoh23:41:04
@tgerbet:matrix.orgtgerbetYup it needs manual interventions, 24.05 is a bit late23:41:13
@emilazy:matrix.orgemily(moving non-triage-related comments into the normal dev channel)23:41:32
@emilazy:matrix.orgemilyanyway, one of you needs to create the equivalent PR on top of staging-24.05 manually23:43:57
@emilazy:matrix.orgemilyis how the process works :)23:44:05
17 Aug 2024
@nam3l33ss:matrix.org·☽•Nameless☆•777 · ± changed their profile picture.08:27:32
@r_i_s:matrix.orgris_ undrafted https://github.com/NixOS/nixpkgs/pull/330519 as unstable's fix is now merged 09:45:49
@tollb1:matrix.orgtollb1 left the room.13:20:29
@tollb1:matrix.orgtollb1 joined the room.13:23:07
@numinit:matrix.orgMorgan (@numinit) joined the room.23:43:07
18 Aug 2024
@getchoo:matrix.orggetchoo joined the room.07:43:16
@getchoo:matrix.orggetchoo https://github.com/advisories/GHSA-w3h3-4rj7-4ph4 fixed in https://github.com/NixOS/nixpkgs/pull/334522 07:45:32
@hexa:lossy.networkhexaimage.png
Download image.png		08:58:14
@hexa:lossy.networkhexaimage.png
Download image.png		08:58:24
@hexa:lossy.networkhexaI think we're good 😄 08:58:33
@getchoo:matrix.orggetchooAh yeah you're right. I just thought it was fixed this release since for some reason upstream included it in the newer changelog as well lol08:59:43
@lai-n:matrix.orglain joined the room.13:17:52
19 Aug 2024
@vcunat:matrix.orgvcunat nixos-unstable channel blocked due to applying security patches:
https://github.com/NixOS/nixpkgs/pull/334899#issuecomment-2295912602 		08:00:08

Show newer messages

Back to Room ListRoom Version: 6