andi- changed the topic of #nixos-security to: Vulnerability Roundup Issues: https://github.com/NixOS/nixpkgs/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+Vulnerability+roundup + https://broken.sh | Currently supported releases: unstable (master), 20.09, 20.03 (until 27th of November)
supersandro2000 has quit [Disconnected by services]
supersandro2000 has joined #nixos-security
tokudan_ has joined #nixos-security
tokudan has quit [Ping timeout: 245 seconds]
kalbasit[m] has quit [Ping timeout: 246 seconds]
kalbasit[m] has joined #nixos-security
ris has quit [Ping timeout: 245 seconds]
rajivr has joined #nixos-security
cole-h has quit [Ping timeout: 264 seconds]
cemguresci[m] has quit [Ping timeout: 240 seconds]
kalbasit[m] has quit [Ping timeout: 240 seconds]
aanderse has quit [Ping timeout: 240 seconds]
bbigras has quit [Ping timeout: 244 seconds]
immae has quit [Ping timeout: 244 seconds]
thefloweringash has quit [Ping timeout: 244 seconds]
cw[m] has quit [Ping timeout: 244 seconds]
colemickens has quit [Ping timeout: 240 seconds]
rosariopulella[m has quit [Ping timeout: 240 seconds]
danielrf[m] has quit [Ping timeout: 258 seconds]
globin_ has quit [Ping timeout: 240 seconds]
jdnixx-M has quit [Ping timeout: 240 seconds]
globin_ has joined #nixos-security
jdnixx-M has joined #nixos-security
cemguresci[m] has joined #nixos-security
aanderse has joined #nixos-security
kalbasit[m] has joined #nixos-security
danielrf[m] has joined #nixos-security
immae has joined #nixos-security
colemickens has joined #nixos-security
rosariopulella[m has joined #nixos-security
cw[m] has joined #nixos-security
thefloweringash has joined #nixos-security
bbigras has joined #nixos-security
cole-h has joined #nixos-security
cole-h has quit [Ping timeout: 260 seconds]
<ajs124> Could somebody here maybe have a look at #114878? I'd rather not merge my own PR, especially since I don't really know a lot about webkitgtk, but there's a fix for a RCE CVE in there.
<{^_^}> https://github.com/NixOS/nixpkgs/pull/114878 (by ajs124, 2 days ago, open): webkitgtk: 2.30.3 -> 2.30.5
* andi- looks
maljub01 has joined #nixos-security
<hexa-> oh yeah, webkitgtk
<hexa-> lovely
<supersandro2000> webkitgk is unrelated to qt5.qtwebkit ?
<hexa-> they both use webkit
Rainy_Day has joined #nixos-security
<ajs124> andi-++
<{^_^}> andi-'s karma got increased to 57
<andi-> but each of them vendors a copy of webkit and IIRC they have diverged. There is also QTWebEngine which is a fork of chromium in the Qt world.. do not confuse all of these /o\
<supersandro2000> oh... I think qtwebkit is broken right now. thats why I asked. Hoped it fixes that.
cole-h has joined #nixos-security
<andi-> qtwebkit is considered insecure IIRC. It was forked of webkit and doesn't really receive updates anymore? The QtWebEngine stuff is at least more modern and due to the relationship with Google Chrome receives more updates.
<hexa-> it is unfortunate how fast your system relies on any of the webkits
<hexa-> I have webkitgtk in my system derivation because a) nautilus -> tracker-miners -> evolution-data-server -> webkitgtk and b) gvfs -> gnome-online-accounts -> webkitgtk
<ajs124> I'm about to add disallowedRequisites for that kind of stuff to my systems. For python2, I think I'm already there with a handful of servers on nixpkgs master.
rajivr has quit [Quit: Connection closed for inactivity]
ris has joined #nixos-security
<supersandro2000> you can check that with `nix-tree $(nix-instantiate)`
ris has quit [Ping timeout: 260 seconds]
<flokli> andi-++
<{^_^}> andi-'s karma got increased to 58
ris has joined #nixos-security
cole-h has quit [Ping timeout: 265 seconds]