!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

719 Members
Coordination and triage of security issues in nixpkgs220 Servers

Load older messages

SenderMessageTime
7 Apr 2026
@leona:leona.isleonayes21:49:02
@winter:catgirl.cloudWinterkicked21:49:11
@leona:leona.isleonawaits for 25.11 to eval21:49:13
@winter:catgirl.cloudWinter* kicked off21:49:15
@winter:catgirl.cloudWinteroh oops21:49:23
@winter:catgirl.cloudWinter
Evaluation pending since: 34s ago

:melting: 		21:49:46
@leona:leona.isleonadoesn't matter21:49:54
@leona:leona.isleonait waits anyway for release-25.11 to finish eval. That should happen in the next minutes21:50:09
@leona:leona.isleonaI'm going to sleep too. Someone should trigger an eval for nixos:unstable at some point21:50:28
@leona:leona.isleona* I'm going to bed too. Someone should trigger an eval for nixos:unstable at some point21:50:35
@winter:catgirl.cloudWinter (wait, where is that configured in the jobset?) 21:50:51
@leona:leona.isleonahydra-evaluator only evaluates one jobset at at ime21:51:09
@winter:catgirl.cloudWinter can do that once 25.11 and small are done 21:51:11
@leona:leona.isleona* hydra-evaluator only evaluates one jobset at at time21:51:13
@winter:catgirl.cloudWinter ah, right. wait, just to clarify: did you kick off a -small before i did? 21:51:40
@winter:catgirl.cloudWinterjust don't want to have two in a short period of time, if i have to cancel one i will21:51:53
@leona:leona.isleonaI evaled release-25.11. Then I evaled unstable-small (which just means that it will eval once 25.11 is finished). Your additional eval request for unstable-small merges with mine, so only one eval will be created21:52:56
@leona:leona.isleona* I evaled release-25.11. Then I evaled unstable-small (which just means that it will eval once 25.11 is finished / it gets added to the "eval queue"). Your additional eval request for unstable-small merges with mine, so only one eval will be created21:53:44
@tgerbet:matrix.orgtgerbet Flatpak sandbox escape CVE-2026-34078 + arbitrary file deletion on the host CVE-2026-34079 @getchoo:matrix.org https://github.com/flatpak/flatpak/releases/tag/1.16.4 22:22:00
@bart:bartoostveen.nlBart https://github.com/NixOS/nixpkgs/pull/507753 22:41:10
@bart:bartoostveen.nlBartBuilds on x86_64-linux, should not break any builds theoretically22:41:31
@informatic:hackerspace.plinfowski joined the room.23:35:02
8 Apr 2026
@jammie:matrix.orgJamieMagee set a profile picture.03:42:56
@getchoo:matrix.orggetchoothe above was merged. will hopefully do the 25.11 backport tonight thanks for the heads up :)03:48:44
@k900:0upti.meK900Adjacent XDP update: https://www.phoronix.com/news/XDG-Desktop-Portal-1.20.405:17:20
@me:m4rc3l.deMarcel joined the room.13:11:09
@ar:is-a.catari ❄how about some openssl? https://openssl-library.org/news/secadv/20260407.txt15:08:27
@me:m4rc3l.deMarcel ive created a PR https://github.com/NixOS/nixpkgs/pull/507974 15:50:50
@bart:bartoostveen.nlBart https://github.com/NixOS/nixpkgs/pull/507985 16:15:46
@bart:bartoostveen.nlBart https://github.com/NixOS/nixpkgs/pull/507860 16:16:18

Show newer messages

Back to Room ListRoom Version: 6