pie_ has quit [Remote host closed the connection]
pie_ has joined #nixos-security
pie_ has quit [Remote host closed the connection]
pie_ has joined #nixos-security
periklis has joined #nixos-security
pie_ has quit [Remote host closed the connection]
pie_ has joined #nixos-security
erictapen has joined #nixos-security
erictapen has quit [Ping timeout: 272 seconds]
erictapen has joined #nixos-security
erictapen has quit [Ping timeout: 250 seconds]
erictapen has joined #nixos-security
pie_ has quit [Remote host closed the connection]
pie_ has joined #nixos-security
erictapen has quit [Ping timeout: 252 seconds]
erictapen has joined #nixos-security
erictapen has quit [Ping timeout: 240 seconds]
erictapen has joined #nixos-security
erictapen has quit [Ping timeout: 246 seconds]
erictapen has joined #nixos-security
erictapen has quit [Ping timeout: 244 seconds]
erictapen has joined #nixos-security
erictapen has quit [Ping timeout: 268 seconds]
tilpner has joined #nixos-security
erictapen has joined #nixos-security
periklis has quit [Remote host closed the connection]
<gchristensen> Qualys is amazing
<fpletz> the systemd-journald CVEs? :)
<fpletz> time to add -fstack-clash-protection to the hardening flags?
<gchristensen> yea
<fpletz> and look what other distributions are doing these days
<fpletz> hrm, we have to bump gcc to version 8 to get that and some more features
<andi-> IMO we should try to follow GCC more closely if that doesn't cause a lot more troubles... Seems feasible if fedora/arch/.. are able to do that. Anyone looked at the systemd patches yet?
<fpletz> haven't looked yet because they weren't linked in the advisory
<fpletz> I'm trying to build some packages with gcc bumped to 8 right now
<fpletz> will add a branch/PR and a hydra job to check the breakage if I can get some of the basic nixos tests running
<andi-> Yay :) still recovering from post-congress/holiday issues.. Might be able to do more work soonish..
<pie_> so when are we switching to bsd
<pie_> im mostly trolling, just tired