gchristensen changed the topic of #nixos-security to: Vulnerability Roundup Issues: https://github.com/NixOS/nixpkgs/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+Vulnerability+roundup + https://broken.sh
ris has quit [Ping timeout: 258 seconds]
tldr32 has quit [Ping timeout: 256 seconds]
rajivr has joined #nixos-security
tldr32 has joined #nixos-security
justanotheruser has quit [Quit: WeeChat 2.7.1]
justanotheruser has joined #nixos-security
justanotheruser has quit [Quit: WeeChat 2.7.1]
justanotheruser has joined #nixos-security
justanotheruser has quit [Ping timeout: 265 seconds]
justanotheruser has joined #nixos-security
ris has joined #nixos-security
justanotheruser has quit [Ping timeout: 256 seconds]
* ris is getting tempted to merge #96196 without any approval as it's been kicking around a bit now
<{^_^}> https://github.com/NixOS/nixpkgs/pull/96196 (by risicle, 1 week ago, open): [20.03] ghostscript: add patch for CVE-2020-15900
<ris> along with the rest of my simple backports
<ris> actually #95990 is a big rebuild
<{^_^}> https://github.com/NixOS/nixpkgs/pull/95990 (by risicle, 1 week ago, open): [20.03] nghttp2: add patch for CVE-2020-11080
<ris> and #95102 isn't particularly straightforward
<{^_^}> https://github.com/NixOS/nixpkgs/pull/95102 (by risicle, 3 weeks ago, open): [20.03] openexr,imlbase: 2.3.0 -> 2.4.2 to fix numerous security issues
justanotheruser has joined #nixos-security
rajivr has quit [Quit: Connection closed for inactivity]
sphalerite has quit [Quit: WeeChat 2.6]
sphalerite has joined #nixos-security
<tokudan> #97044 fixes a critical issue in gnupg in master. according to the announce email, older versions as in 20.03 are not affected.
<{^_^}> https://github.com/NixOS/nixpkgs/pull/97044 (by tokudan, 59 seconds ago, open): gnupg: 2.2.21 -> 2.2.23 [security]
<tokudan> seems that there's already a similar PR in #97034, not sure what the best PR to merge is
<{^_^}> https://github.com/NixOS/nixpkgs/pull/97034 (by doronbehar, 2 hours ago, open): gnupg: 2.2.22 -> 2.2.23
tokudan has quit [Remote host closed the connection]
tokudan has joined #nixos-security
tokudan has quit [Remote host closed the connection]
tokudan has joined #nixos-security
julm has quit [Ping timeout: 260 seconds]
julm has joined #nixos-security