#nixos-security on 2019-11-20

2019-04-23 19:29 gchristensen changed the topic of #nixos-security to: Vulnerability Roundup Issues: https://github.com/NixOS/nixpkgs/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+Vulnerability+roundup + https://broken.sh

00:17 <ris> #73792

00:17 <{^_^}> https://github.com/NixOS/nixpkgs/pull/73792 (by risicle, 12 seconds ago, open): [r19.03] libextractor: add patch for CVE-2019-15531

00:23 ris has quit [Ping timeout: 258 seconds]

05:38 justan0theruser has quit [Ping timeout: 246 seconds]

05:39 justanotheruser has joined #nixos-security

06:24 justanotheruser has quit [Ping timeout: 240 seconds]

06:53 justanotheruser has joined #nixos-security

08:44 FRidh has joined #nixos-security

08:49 hmpffff has joined #nixos-security

09:27 FRidh has quit [Quit: Konversation terminated!]

09:38 hmpffff_ has joined #nixos-security

09:41 hmpffff has quit [Ping timeout: 240 seconds]

10:19 hmpffff has joined #nixos-security

10:21 hmpffff_ has quit [Ping timeout: 240 seconds]

10:57 hmpffff has quit [Quit: nchrrrr…]

10:59 hmpffff has joined #nixos-security

11:01 FRidh has joined #nixos-security

11:10 stigo has quit [Remote host closed the connection]

11:13 stigo has joined #nixos-security

14:28 <hexa-> #73497 tested and lgtm

14:28 <{^_^}> https://github.com/NixOS/nixpkgs/pull/73497 (by dtzWill, 4 days ago, open): microcodeIntel: 20191113 -> 20191115

15:13 hmpffff has quit [Quit: nchrrrr…]

17:08 IdleBot_51f8eb57 has quit [Remote host closed the connection]

17:08 IdleBot_5e50c57d has joined #nixos-security

18:03 FRidh has quit [Quit: Konversation terminated!]

18:38 hmpffff has joined #nixos-security

19:03 ris has joined #nixos-security

19:19 hmpffff has quit [Quit: nchrrrr…]

19:47 hmpffff has joined #nixos-security

20:21 hmpffff has quit [Quit: nchrrrr…]

20:33 hmpffff has joined #nixos-security

20:48 <gchristensen> https://lkml.org/lkml/2019/11/20/1086

21:59 <asymmetric> gchristensen: hasn't wg been upstreamed into the kernel for a while now?

21:59 <asymmetric> the ascii art towards the bottom is beautiful

21:59 <gchristensen> no

22:00 <gchristensen> it hasn't merged yet. I think it has been submitted twice for review

22:00 <asymmetric> so until now it's been used as an external module?

22:00 <gchristensen> yea

22:00 <asymmetric> got it

22:00 <asymmetric> what's the advantage of upstreaming it vs keeping it as an external module?

22:01 <gchristensen> easier to install, easier to keep working with the kernel, trust factor

22:02 <gchristensen> it would be a shame if a single person chose ipsec over wireguard if only because ipsec is in the kernel and wireguard is not

22:07 <asymmetric> yeah wg is dope

22:08 <asymmetric> i found zx2c4 a bit blunt on https://github.com/NixOS/rfcs/pull/5 though

22:08 <{^_^}> rfcs#5 (by edolstra, 2 years ago, closed): [RFC 0005] Nix encryption

22:10 <gchristensen> he's a blunt person

22:11 <gchristensen> heh

22:12 <asymmetric> well his code will be right at home in the linux kernel then ;)

22:12 <gchristensen> heh yeah

22:22 justan0theruser has joined #nixos-security

22:23 justanotheruser has quit [Ping timeout: 245 seconds]

23:50 tv has quit [Ping timeout: 240 seconds]

23:52 tv has joined #nixos-security