gchristensen changed the topic of #nixos-security to: Vulnerability Roundup Issues: https://github.com/NixOS/nixpkgs/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+Vulnerability+roundup + https://broken.sh
ris has joined #nixos-security
<ris> #71370
<{^_^}> https://github.com/NixOS/nixpkgs/pull/71370 (by risicle, 42 seconds ago, open): [r19.09] rsyslog: add patch for CVE-2019-17040
ris has quit [Ping timeout: 258 seconds]
LnL has quit [Ping timeout: 250 seconds]
<aanderse> hmm... need feature where i can get pinged/notified when a PR with a CVE hits the binary cache
<gchristensen> that is a fun idea
<ddima> I have a question about how you manage/deal with the sec roundup issues. In the last few days I've been looking around those for a bit and clearly some of them are false positives/otherwise not applicable and it's generally a lot of them. Now I was wondering, how can one help clean those out? I have remarked on a few that they seem to be an FP but they still remain open and clobber the view. Is
<ddima> there some particular group of people to ping to close/cleanup?
justanotheruser has quit [Ping timeout: 240 seconds]
justanotheruser has joined #nixos-security
ddima has quit [Ping timeout: 268 seconds]
ddima has joined #nixos-security