gchristensen changed the topic of #nixos-security to: Vulnerability Roundup Issues: https://github.com/NixOS/nixpkgs/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+Vulnerability+roundup + https://broken.sh
justan0theruser has joined #nixos-security
justanotheruser has quit [Ping timeout: 255 seconds]
justan0theruser is now known as justanotheruser
justanotheruser has quit [Ping timeout: 250 seconds]
justanotheruser has joined #nixos-security
justanotheruser has quit [Ping timeout: 250 seconds]
justanotheruser has joined #nixos-security
justanotheruser has quit [Ping timeout: 245 seconds]
<pie_> is the firefox addon mess considered security relevant - given stuff like noscript adblock, tor browser is affected
<pie_> is this what y2k felt like lol
<andi-> It's gonna be interesting to see if they really intend to push back-dating the certificate check that is currently in the build pipeline. There seems to be an option to push a new intermediate certificate to users which they are also going to do. Sucks but no need to panic..
colemickens_ has quit [Quit: Connection closed for inactivity]
erictapen has quit [Ping timeout: 244 seconds]
<Profpatsch> Going to lose a lot of users
justanotheruser has joined #nixos-security
erictapen has joined #nixos-security
<pie_> argh mozilla tho
<pie_> ^ wrong chan
justanotheruser has quit [Ping timeout: 245 seconds]
justanotheruser has joined #nixos-security
<ivan> I suspect nixpkgs' chromium maintainers are not subscribed to https://chromereleases.googleblog.com/search/label/Stable%20updates and so we end up a week behind on maybe-scary CVEs
<Profpatsch> ivan: You can be a chromium Maintaner :)
<Profpatsch> *ainer
<ivan> Profpatsch: do you have the power to approve such a commit? :-)
erictapen has quit [Ping timeout: 245 seconds]
erictapen has joined #nixos-security