andi- changed the topic of #nixos-security to: Vulnerability Roundup Issues: https://github.com/NixOS/nixpkgs/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+Vulnerability+roundup + https://broken.sh | Currently supported releases: unstable (master), 20.09, 20.03 (until 27th of November)
rajivr has joined #nixos-security
ris has quit [Ping timeout: 260 seconds]
red[evilred] has joined #nixos-security
<red[evilred]> also hexa- (IRC) - #104835 and #104838 with better commit messages as advise.
<{^_^}> https://github.com/NixOS/nixpkgs/pull/104835 (by redvers, 24 minutes ago, open): cassandra: 3.11.4 -> 3.11.9
<{^_^}> https://github.com/NixOS/nixpkgs/pull/104838 (by redvers, 7 minutes ago, open): cassandra_2_1: 2.1.20 -> 2.1.22
<red[evilred]> s/.$/d./g
tilpner_ has joined #nixos-security
tilpner has quit [Ping timeout: 256 seconds]
tilpner_ is now known as tilpner
<hexa-> Pam 1.5.0 has an auth bypass under some conditions - https://www.openwall.com/lists/oss-security/2020/11/24/3
<hexa-> Unrelated to the auth bypass, but on the topic of linux-pam; this summer I landed exposing prctl(PR_SET_NO_NEW_PRIVS) in pam_limits [0]. It's a convenient way to prevent logins from potentially attaining new privileges, even if bad actors find bugs in suid programs or even know the root password (assuming remote root logins are disabled).
<red[evilred]> anyone else able to get to: https://linux-cifs.samba.org/cifs-utils/
<red[evilred]> btw - I assume if I come across a package in my travels that needs a bump with a name attribute and no pname / version - I should switch that while I'm at it?
<red[evilred]> Well, nvd.nist.gov appears to be down so I guess I'm done for the evening.
<red[evilred]> Nite all.
justanotheruser has quit [Quit: WeeChat 2.9]
justanotheruser has joined #nixos-security
FRidh has joined #nixos-security
red[evilred] has quit [Quit: Idle timeout reached: 10800s]
star_cloud has quit [Read error: Connection reset by peer]
star_cloud has joined #nixos-security
star_cloud has quit [Read error: Connection reset by peer]
star_cloud has joined #nixos-security
FRidh has quit [Ping timeout: 240 seconds]
FRidh has joined #nixos-security
star_cloud has quit [Excess Flood]
star_cloud has joined #nixos-security
FRidh has quit [Ping timeout: 272 seconds]
FRidh has joined #nixos-security
justanotheruser has quit [Quit: WeeChat 2.9]
justanotheruser has joined #nixos-security
zarel has quit [Ping timeout: 256 seconds]
zarel has joined #nixos-security
FRidh has quit [Ping timeout: 272 seconds]
FRidh has joined #nixos-security
FRidh has quit [Ping timeout: 260 seconds]
FRidh has joined #nixos-security
watt877 has joined #nixos-security
watt877 has quit [Ping timeout: 264 seconds]
<stigo> can someone review/merge #103951 ?
<{^_^}> https://github.com/NixOS/nixpkgs/pull/103951 (by stigtsp, 1 week ago, open): firefox-beta-bin: 81.0b4 -> 84.0b4, firefox-devedition-bin: 80.0b8 -> 84.0b4
FRidh has quit [Ping timeout: 246 seconds]
FRidh has joined #nixos-security
star_cloud has quit [Remote host closed the connection]
star_cloud has joined #nixos-security
star_cloud has quit [Excess Flood]
star_cloud has joined #nixos-security
LnL has quit [Ping timeout: 272 seconds]
LnL has joined #nixos-security
LnL has joined #nixos-security
lassulus has quit [Ping timeout: 256 seconds]
lassulus has joined #nixos-security
lukegb has quit [Quit: ~~lukegb out~~]
star_cloud has quit [Remote host closed the connection]
star_cloud has joined #nixos-security
lukegb has joined #nixos-security
LnL has quit [Ping timeout: 265 seconds]
star_cloud has quit [Excess Flood]
star_cloud has joined #nixos-security
LnL has joined #nixos-security
LnL has joined #nixos-security
FRidh has quit [Ping timeout: 260 seconds]
FRidh has joined #nixos-security
star_cloud has quit [Remote host closed the connection]
star_cloud has joined #nixos-security
star_cloud has quit [Excess Flood]
star_cloud has joined #nixos-security
FRidh has quit [Ping timeout: 260 seconds]
FRidh has joined #nixos-security
rajivr has quit [Quit: Connection closed for inactivity]
justanotheruser has quit [Ping timeout: 260 seconds]
ris has joined #nixos-security
justanotheruser has joined #nixos-security
<{^_^}> #104820 (by mweinelt, 20 hours ago, open): [20.09]: webkitgtk: 2.28.4 -> 2.30.3
<hexa-> jtojnar says they don't do backports to prevent burnout, worldofpeace said everything there is fine with them
tilpner_ has joined #nixos-security
tilpner has quit [Ping timeout: 260 seconds]
tilpner_ is now known as tilpner
FRidh has quit [Quit: Konversation terminated!]
star_cloud has quit [Remote host closed the connection]
star_cloud has joined #nixos-security
star_cloud has quit [Excess Flood]
star_cloud has joined #nixos-security
LnL has quit [Ping timeout: 260 seconds]
justanotheruser has quit [Ping timeout: 256 seconds]
justanotheruser has joined #nixos-security