eric88 has joined #nixos-security
<eric88> Hey all. Very interested in pitching NixOS to my CTO. Problem is the first thing he'll look at is the security page, which is outdated.
<eric88> Any way I can fix it up?
<eric88> (https://nixos.org/nixos/security.html for reference)
<eric88> Hello :o
eric88 has quit [Ping timeout: 252 seconds]
<LnL> what's outdated about it?
<ekleog> LnL: I think the fact is the nix-security-announce google group is long dead
<ekleog> should likely be erased / maybe replaced by a discourse category
<ekleog> (but currently no one appears to have / take the time to sum up weekly which vulnerabilities have been fixed, so if there's not this weekly announcement mail then it'll likely be just as dead)
periklis has joined #nixos-security
erictapen has joined #nixos-security
erictapen has quit [Ping timeout: 268 seconds]
primeos has quit [Quit: WeeChat 2.1]
__Sander__ has joined #nixos-security
periklis has quit [Ping timeout: 244 seconds]
__Sander__ has quit [Quit: Konversation terminated!]
c0bw3b_ has joined #nixos-security
pie_ has joined #nixos-security
pie_ has quit [Ping timeout: 244 seconds]
<ckauhaus> ekleog: LnL: the security page is definitively outdated
<ckauhaus> during NixCon we discussed a new structure
<ckauhaus> I'll prepare a PR against the website repo to reflect the current state of affairs
<ckauhaus> Vulnerability roundup 52 is on: #50367, #50368, #50369
<{^_^}> https://github.com/NixOS/nixpkgs/issues/50367 (by ckauhaus, 2 minutes ago, open): Vulnerability roundup 52: openjpeg-2.3.0: 1 advisory
<{^_^}> https://github.com/NixOS/nixpkgs/issues/50368 (by ckauhaus, 1 minute ago, open): Vulnerability roundup 52: php-7.2.8: 1 advisory
<{^_^}> https://github.com/NixOS/nixpkgs/issues/50369 (by ckauhaus, 51 seconds ago, open): Vulnerability roundup 52: exiv2-0.26: 3 advisories
<ckauhaus> openjpeg, php, exiv2
pie_ has joined #nixos-security
ckauhaus is now known as ckauhaus[afk]
erictapen has joined #nixos-security
<c0bw3b_> openjpeg: no fix upstream for cve-2018-16375 ATM
<andi-> nice to see more people being involved \o/
<andi-> I will try to sprint through some stuff in the next days as well...
<pie_> andi-, as it goes c:
c0bw3b_ has quit [Remote host closed the connection]
c0bw3b_ has joined #nixos-security
pie_ has quit [Remote host closed the connection]
pie_ has joined #nixos-security
pie_ has quit [Remote host closed the connection]
pie_ has joined #nixos-security
c0bw3b_ has quit [Remote host closed the connection]
erictapen has quit [Ping timeout: 260 seconds]