gchristensen changed the topic of #nixos-security to: Vulnerability Roundup Issues: https://github.com/NixOS/nixpkgs/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+Vulnerability+roundup + https://broken.sh
nh2 has quit [Ping timeout: 246 seconds]
nh2 has joined #nixos-security
elvishjerricco has quit [Ping timeout: 272 seconds]
elvishjerricco has joined #nixos-security
kleisli has quit [Ping timeout: 265 seconds]
anselmolsm has quit [Quit: Konversation terminated!]
FRidh has joined #nixos-security
kleisli has joined #nixos-security
hmpffff has joined #nixos-security
hmpffff has quit [Quit: nchrrrr…]
tilpner_ has joined #nixos-security
tilpner has quit [Ping timeout: 256 seconds]
tilpner_ is now known as tilpner
hmpffff has joined #nixos-security
hmpffff has quit [Read error: Connection reset by peer]
hmpffff has joined #nixos-security
hmpffff_ has joined #nixos-security
hmpffff has quit [Ping timeout: 272 seconds]
FRidh has quit [Quit: Konversation terminated!]
kleisli has quit [Remote host closed the connection]
kleisli has joined #nixos-security
hmpffff has joined #nixos-security
hmpffff_ has quit [Ping timeout: 265 seconds]
kleisli has quit [Remote host closed the connection]
kleisli has joined #nixos-security
FRidh has joined #nixos-security
vesper has quit [Ping timeout: 240 seconds]
kleisli has quit [Remote host closed the connection]
kleisli has joined #nixos-security
kleisli has quit [Remote host closed the connection]
kleisli has joined #nixos-security
kleisli has quit [Remote host closed the connection]
kleisli has joined #nixos-security
Ubuntu_User420 has joined #nixos-security
Ubuntu_User420 has left #nixos-security ["Konversation terminated!"]
hmpffff_ has joined #nixos-security
hmpffff has quit [Ping timeout: 272 seconds]
hmpffff__ has joined #nixos-security
hmpffff_ has quit [Ping timeout: 256 seconds]
justanotheruser has quit [Ping timeout: 260 seconds]
hmpffff has joined #nixos-security
hmpffff__ has quit [Ping timeout: 272 seconds]
justanotheruser has joined #nixos-security
vesper11 has joined #nixos-security
vesper11 has quit [Read error: Connection reset by peer]
hmpffff has quit [Quit: nchrrrr…]
hmpffff has joined #nixos-security
vesper11 has joined #nixos-security
FRidh has quit [Quit: Konversation terminated!]
<{^_^}> #84277 (by bqv, 19 minutes ago, open): emacsPackages.lua-mode: Fix hash
<{^_^}> #56123 (by Infinisil, 1 year ago, merged): emacsPackagesNg.lua-mode: Fix hash
<infinisil> Which embeds git commit info dynamically into the archive created by github
<infinisil> And specifically the %d there isn't deterministic, it changes depending on branches that currently point to the commit
<infinisil> I reported this to the git security mailing list, showing how this could be used to change github tarballs by only creating branches in the repo, without creating a new commit
<infinisil> Have never heard back of them though, which is why I'm mentioning it here now
hmpffff_ has joined #nixos-security
hmpffff has quit [Ping timeout: 272 seconds]
infinisil has quit [Quit: Configuring ZNC, sorry for the joins/quits!]
infinisil has joined #nixos-security
justanotheruser has quit [Ping timeout: 256 seconds]
hmpffff has joined #nixos-security
hmpffff_ has quit [Ping timeout: 272 seconds]
anselmolsm has joined #nixos-security
justanotheruser has joined #nixos-security
anselmolsm has quit [Quit: Konversation terminated!]
hmpffff has quit [Quit: nchrrrr…]
kleisli has quit [Ping timeout: 265 seconds]
<andi-> urgh
<andi-> that sounds just wrong