andi- changed the topic of #nixos-security to: Vulnerability Roundup Issues: https://github.com/NixOS/nixpkgs/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+Vulnerability+roundup + https://broken.sh | Currently supported releases: unstable (master), 20.09, 20.03 (until 27th of November)
star_cloud has quit [Ping timeout: 265 seconds]
supersandro2000 has quit [Disconnected by services]
supersandro2000 has joined #nixos-security
Synthetica has quit [Quit: Connection closed for inactivity]
ris has quit [Ping timeout: 252 seconds]
star_cloud has joined #nixos-security
cole-h has joined #nixos-security
maljub01 has joined #nixos-security
cole-h has quit [Quit: Goodbye]
cole-h has joined #nixos-security
cole-h has quit [Ping timeout: 260 seconds]
FRidh has joined #nixos-security
rajivr has joined #nixos-security
cryptm0d has joined #nixos-security
cryptm0d has quit [Remote host closed the connection]
ris has joined #nixos-security
Synthetica has joined #nixos-security
mschwaig has joined #nixos-security
star_cloud has quit [Ping timeout: 265 seconds]
<ris> oh. broken.sh hasn't run since december.
star_cloud has joined #nixos-security
<hexa-> rip, cc andi-
star_cloud has quit [Ping timeout: 265 seconds]
<andi-> yeah, as stated multiple time the NVD format has changed and I haven't had motivation to fix it..
<{^_^}> #117785 (by mweinelt, 26 minutes ago, open): webkitgtk: 2.30.5 -> 2.30.6
<ris> it was definitely useful FWIW, it's what I used to work from when doing my occasional CVE binges
star_cloud has joined #nixos-security
cole-h has joined #nixos-security
star_cloud has quit [Ping timeout: 240 seconds]
star_cloud has joined #nixos-security
star_cloud has quit [Ping timeout: 268 seconds]
cole-h has quit [Ping timeout: 240 seconds]
rajivr has quit [Quit: Connection closed for inactivity]
<ris> #117810
<{^_^}> https://github.com/NixOS/nixpkgs/pull/117810 (by risicle, 44 seconds ago, open): [20.09] python3Packages.pygments: add patch for CVE-2021-27291
<andi-> Fixing is probably not hard just requires someont to write a parser for those CPE things and some logic to apply them on package names / versions..
<Foxboron> (it's already implemented in vulnix)
star_cloud has joined #nixos-security
FRidh has quit [Quit: Konversation terminated!]
julm has quit [Quit: leaving]
julm has joined #nixos-security
cole-h has joined #nixos-security