andi- changed the topic of #nixos-security to: Vulnerability Roundup Issues: + | Currently supported releases: unstable (master), 20.09, 20.03 (until 27th of November)
cjb has joined #nixos-security
cjb has quit [Remote host closed the connection]
cjb has joined #nixos-security
cjb is now known as Guest96467
Guest96467 is now known as asdf1234asd
asdf1234asd is now known as cjbayliss
supersandro2000 has quit [Disconnected by services]
supersandro2000 has joined #nixos-security
cjbayliss is now known as cjb
cjb has quit [Quit: hopefully fixed SASL]
ris has quit [Ping timeout: 246 seconds]
rajivr has joined #nixos-security
cjb has joined #nixos-security
cjb has quit []
cjb has joined #nixos-security
lukeg is now known as lukegb
cjb has quit []
cjb has joined #nixos-security
cole-h has quit [Quit: Goodbye]
cole-h has joined #nixos-security
ajs124 has quit [Quit: Bridge terminating on SIGTERM]
ajs124 has joined #nixos-security
cjb has quit []
midchildan has quit [Ping timeout: 240 seconds]
midchildan has joined #nixos-security
cole-h has quit [Ping timeout: 264 seconds]
ztzg```` has joined #nixos-security
FRidh has joined #nixos-security
Synthetica has joined #nixos-security
<hexa-> Openssl will release new update on 2021/03/25, it will fix two "High" severity issues. These issues does not affect OpenSSL versions before 1.1.1:
<hexa-> CVE-2021-3449: NULL pointer deref in signature_algorithms processing
<hexa-> CVE-2021-3450: CA certificate check bypass with X509_V_FLAG_X509_STRICT
<gchristensen> oh fucking god
<hexa-> thank you Wind River Linux LTS 17
<gchristensen> hm?
<gchristensen> oh
<hexa-> the embargo is valid until tomorrow
<Foxboron> Shouldnt that be under embargo
<gchristensen> welp
<simpson> It is Wednesday my dudes
<gchristensen> yeah I realized the embargo was broken but didn't realize windriver wasn't win driver, but wind river and ... well here we go
<supersandro2000> also thought since when windows is interesting for nixos
<hexa-> fair
<hexa-> the release for 1.1.1k is scheduled for 13:00 - 17:00 UTC tomorrow
<gchristensen> thanks hexa-
<hexa-> guess I'll take care of it if noone beats me to it
<gchristensen> that would be great :)
bbigras has quit [Ping timeout: 268 seconds]
cemguresci[m] has quit [Ping timeout: 268 seconds]
Yakulu[m] has quit [Ping timeout: 268 seconds]
SushiDude[m] has quit [Ping timeout: 260 seconds]
bbigras has joined #nixos-security
cemguresci[m] has joined #nixos-security
Yakulu[m] has joined #nixos-security
SushiDude[m] has joined #nixos-security
<aanderse> hexa-++
<{^_^}> hexa-'s karma got increased to 24
<FRidh> staging-20.09 is almost finished, just in time for another round tomorrow with those fixes...
<gchristensen> please don't merge staging until after openssl is released in to channels
<gchristensen> thank you a lot :)
<FRidh> robert and vcunat mostly take care of 20.09
rajivr has quit [Quit: Connection closed for inactivity]
cole-h has joined #nixos-security
ris has joined #nixos-security
FRidh has quit [Quit: Konversation terminated!]