gmarmstrong has joined #nixos-security
gmarmstrong has quit [Quit: Quit]
<sphalerite> gchristensen: fpletz: anything missing on https://github.com/mayflower/nixpkgs/commit/9c7a6aa23b91299f0fc057207421a03a44479444 ?
<sphalerite> I'll also backport, and probably follow it up with an upgrade to 0.8.x on master
<pie_> "(Note; If you are using openssh, that does not consume libssh, and is not broken)"
<sphalerite> pie_: not sure what you mean? I should add that to the commit message?
<pie_> sphalerite, oh lol i was just xposting
<pie_> totally missed that you were dealing with that
MichaelRaskin has joined #nixos-security
<pie_> well guys uhhh "GitHub implemented their git ssh server with libssh" https://security.stackexchange.com/questions/195834/cve-2018-10933-bypass-ssh-authentication-libssh-vulnerability
<andi-> just another day in this broken world.. *sigh*
<pie_> and this is why you secure your toolchain? :P
<pie_> though technically hashes protect us right
<pie_> and people's stuff would complain if master mysteriously changed
* andi- has started to give up on following all the security foo.. It is bad for health..