!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

703 Members
Coordination and triage of security issues in nixpkgs215 Servers

Load older messages

SenderMessageTime
4 Aug 2024
@ma27:nicht-so.sexyma27 xss in roundcube: https://github.com/roundcube/roundcubemail/releases/tag/1.6.8
preparing an update now. 		15:06:53
7 Aug 2024
@adam:robins.wtfadamcstephens changed their display name from adamcstephens šŸ to adamcstephensL.00:17:26
@adam:robins.wtfadamcstephens changed their display name from adamcstephensL to adamcstephens.00:17:46
@teutat3s:pub.solarteutat3s GHSA-f83w-wqhc-cfp4
https://github.com/NixOS/nixpkgs/pull/332940 		08:17:34
@felschr:matrix.orgfelschrhttps://github.com/NixOS/nixpkgs/pull/33283311:50:22
8 Aug 2024
@qyliss:fairydust.spaceAlyssa Ross set a profile picture.18:48:46
9 Aug 2024
@emilazy:matrix.orgemilyhttps://i.blackhat.com/BH-US-24/Presentations/REVISED02-US24_Moore_Secure_Shells_in_Shambles_Wednesday.pdf#page=7209:57:49
@emilazy:matrix.orgemily RCE in soft-serve, need to bump to 0.7.5 and backport 09:57:59
@emilazy:matrix.orgemily(also in gogs, but we have that marked as insecure already)09:58:05
@emilazy:matrix.orgemilyto 0.7.6 rather I guess09:58:25
@emilazy:matrix.orgemilyhttps://github.com/NixOS/nixpkgs/pull/33138609:58:49
@yaya:uwu.isyayahttps://www.postgresql.org/support/security/CVE-2024-7348/11:33:11
@hexa:lossy.networkhexa cc ma27 11:35:02
@ma27:nicht-so.sexyma27 oh dang right when I'm on vacation.
can you please ping wolfgangwalther (not sure if they have matrix though, obly interacted on github). 		11:57:17
@ma27:nicht-so.sexyma27sowwy11:58:11
@hexa:lossy.networkhexaenjoy!12:02:50
@hexa:lossy.networkhexavia https://github.com/NixOS/nixpkgs/issues/33343012:04:45
10 Aug 2024
@rosscomputerguy:matrix.orgTristan Ross changed their profile picture.03:13:13
@vcunat:matrix.orgvcunat(still needs a manual backport to 24.05, apparently)05:30:55
12 Aug 2024
@sandro:supersandro.deSandrohttps://github.com/dani-garcia/vaultwarden/releases/tag/1.32.009:47:15
@sandro:supersandro.deSandrohttps://github.com/NixOS/nixpkgs/pull/33404809:51:33
@sandro:supersandro.deSandrohttps://github.com/NixOS/nixpkgs/pull/33409910:40:29
@sandro:supersandro.deSandroCVE-2024-7589 in openssh is freebsd specific and doesn't apply to us.12:07:18
@emilazy:matrix.orgemilyit has been [0] heck of a long times since the last remote hole in the default install12:17:23
@emilazy:matrix.orgemilyoh, FreeBSD not OpenBSD12:17:35
13 Aug 2024
@nam3l33ss:matrix.orgĀ·ā˜½ā€¢Namelessā˜†ā€¢777 Ā· Ā± changed their profile picture.04:07:57
14 Aug 2024
@hexa:lossy.networkhexahttps://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-2024081301:06:32
@hexa:lossy.networkhexahttps://github.com/NixOS/nixpkgs/pull/33450501:07:59
@von.dev:matrix.orgvon.dev joined the room.03:51:22
@sandro:supersandro.deSandrohttps://github.com/flatpak/flatpak/security/advisories/GHSA-7hgv-f2j8-xw8719:23:26

Show newer messages

Back to Room ListRoom Version: 6