#nixos-security on 2019-06-12

2019-04-23 19:29 gchristensen changed the topic of #nixos-security to: Vulnerability Roundup Issues: https://github.com/NixOS/nixpkgs/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+Vulnerability+roundup + https://broken.sh

02:24 justanotheruser has quit [Ping timeout: 248 seconds]

02:39 justanotheruser has joined #nixos-security

02:44 justanotheruser has quit [Ping timeout: 245 seconds]

02:56 justanotheruser has joined #nixos-security

03:50 {^_^} has quit [Ping timeout: 252 seconds]

04:03 {^_^} has joined #nixos-security

04:33 hmpffff has joined #nixos-security

05:03 hmpffff has quit [Quit: nchrrrr…]

07:32 pie__ has quit [Ping timeout: 258 seconds]

07:55 hmpffff has joined #nixos-security

09:08 pie__ has joined #nixos-security

10:13 nathanruiz has joined #nixos-security

10:17 <nathanruiz> Is there any kind of security announcement mailing list I can subscribe to?

10:53 pie___ has joined #nixos-security

10:55 pie__ has quit [Ping timeout: 245 seconds]

11:09 hmpffff has quit [Quit: nchrrrr…]

11:16 <pie___> nathanruiz, nixos specific? havent seen one personally, we're mostly consumers of the other open information sources

11:17 <pie___> nathanruiz, maybe watching security tagged github issues but i dont know how strictly thats followed, and the vulnerability roundups

11:17 <pie___> i think more security infra is being worked on and so on, but its work so...

11:17 * pie___ deferse to the rest of the channel

11:18 <pie___> see also channel topic

11:18 <pie___> (oh nice andi- , didnt see that stuff up there now c: )

11:20 <andi-> pie___: what exactly are you refering to?

11:23 <pie___> broken.sh in the topic

11:32 hmpffff has joined #nixos-security

12:00 <andi-> ah, I c

14:09 hmpffff has quit [Quit: nchrrrr…]

16:36 pie___ has quit [Ping timeout: 245 seconds]

16:46 hmpffff has joined #nixos-security

17:05 <marek> security updates are opened againts release-19.03 or staging-19.03?

17:07 <ekleog> marek: usually against release-19.03, except if it's a really-low-severity security update that'd cause rebuilds of thousands of packages

17:11 <marek> ok thank you ekleog

17:17 <ekleog> well, thank *you* if you plan to open a security update PR :)

18:02 Synthetica has joined #nixos-security

19:45 hmpffff has quit [Quit: nchrrrr…]

19:47 hmpffff has joined #nixos-security

20:24 pie__ has joined #nixos-security

20:34 hmpffff has quit [Quit: nchrrrr…]

20:59 Synthetica has quit [Quit: Connection closed for inactivity]

22:00 hmpffff has joined #nixos-security

22:20 hmpffff has quit [Quit: nchrrrr…]

22:20 hmpffff has joined #nixos-security

22:21 hmpffff has quit [Client Quit]

22:21 hmpffff has joined #nixos-security

22:21 hmpffff has quit [Client Quit]

22:22 hmpffff has joined #nixos-security

22:22 hmpffff has quit [Client Quit]

22:36 {^_^} has quit [Remote host closed the connection]

22:36 {^_^} has joined #nixos-security

23:12 <marek> anyone can ask ofborg to build this and add security tag please? https://github.com/NixOS/nixpkgs/pull/63045

23:12 <{^_^}> #63045 (by mmahut, 18 minutes ago, open): gitlab: 11.10.4 -> 11.10.5

23:17 <samueldr> I seem to remember gitlab timing out for builds with ofborg, but am unsure so asjed for it anyway

23:25 <samueldr> eh, must have been mistaken