#nixos-security on 2020-10-10

2019-04-23 19:29 gchristensen changed the topic of #nixos-security to: Vulnerability Roundup Issues: https://github.com/NixOS/nixpkgs/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+Vulnerability+roundup + https://broken.sh

00:08 ris has quit [Ping timeout: 240 seconds]

01:19 julm has quit [Remote host closed the connection]

01:19 julm has joined #nixos-security

02:08 rajivr has joined #nixos-security

04:53 zarel has quit [Ping timeout: 260 seconds]

04:53 zarel has joined #nixos-security

09:59 justanotheruser has quit [Ping timeout: 272 seconds]

10:58 ris has joined #nixos-security

12:09 MichaelRaskin has quit [Ping timeout: 258 seconds]

12:53 vesper11 has quit [Ping timeout: 240 seconds]

14:55 MichaelRaskin has joined #nixos-security

16:48 <hexa-> 17 minutes until arch security talk

16:48 <hexa-> https://streaming.media.ccc.de/archconf2020/ArchConf

16:54 <hexa-> gchristensen: ^

17:21 <Foxboron> (I'll forward relevant questions for you if you don't want to join the channel :))

17:27 <hexa-> haha

17:27 <hexa-> I fear nobody else is around

18:15 rajivr has quit [Quit: Connection closed for inactivity]

19:28 <ajs124> how was the talk?

19:38 <Foxboron> https://streaming.media.ccc.de/archconf2020/relive/6394 :)

22:11 <hexa-> well, the tl;dr for me is … we need a tracker

22:11 <hexa-> something where we can collaboratively track the state, add comments, classify, add references

22:13 <Foxboron> We have been contemplating generalizing the arch tracker for other projects. But that is admittedly going to take quite a bit of work

22:14 <Foxboron> OpenSSF is looking into VINCE, which is going to be open-sourced as some collaboration platform

22:14 <Foxboron> https://www.sei.cmu.edu/news-events/news/article.cfm?assetid=641759

22:14 <Foxboron> it might be interesting to look at