00:00
supersandro2000 has quit [Disconnected by services]
00:00
supersandro2000 has joined #nixos-security
00:05
<
ris >
i've always been a bit surprised we still allow push access for nixpkgs
00:08
<
hexa- >
do we require 2fa?
00:11
<
ris >
that's something
00:11
<
ris >
though still, it only requires a single ssh key leak in theory
00:12
<
ris >
then there's the whole area of signed commits
00:13
<
gchristensen >
I'd love to require PRs
00:13
<
hexa- >
even kernel updates use pulls these days
00:16
star_cloud has quit [Ping timeout: 246 seconds]
00:37
justanotheruser has joined #nixos-security
00:54
ris has quit [Ping timeout: 246 seconds]
01:16
supersandro2000 has joined #nixos-security
01:41
cjb has quit [Read error: Connection reset by peer]
01:51
cjb has joined #nixos-security
01:54
rajivr has joined #nixos-security
02:36
star_cloud has joined #nixos-security
02:51
bridge[evilred] has quit [Remote host closed the connection]
02:57
bridge[evilred] has joined #nixos-security
02:57
bridge[evilred] has quit [Excess Flood]
02:58
bridge[evilred] has joined #nixos-security
05:04
cjb has quit [Read error: Connection reset by peer]
05:05
cjb has joined #nixos-security
07:47
supersandro2000 has joined #nixos-security
07:51
supersandro2000 has quit [Client Quit]
07:54
supersandro2000 has joined #nixos-security
08:05
cole-h has quit [Ping timeout: 240 seconds]
09:00
Guest44411 has quit [Quit: Idle for 30+ days]
11:03
star_cloud has quit [Remote host closed the connection]
11:03
star_cloud has joined #nixos-security
11:13
star_cloud has quit [Excess Flood]
11:14
star_cloud has joined #nixos-security
11:28
aminechikhaoui has joined #nixos-security
12:37
FRidh has joined #nixos-security
13:07
{^_^} has quit [Remote host closed the connection]
13:07
{^_^} has joined #nixos-security
16:05
cole-h has joined #nixos-security
17:43
ris has joined #nixos-security
18:17
rajivr has quit [Quit: Connection closed for inactivity]
18:38
star_cloud has quit [Read error: Connection reset by peer]
18:38
star_cloud has joined #nixos-security
18:48
star_cloud has quit [Excess Flood]
18:49
star_cloud has joined #nixos-security
19:19
FRidh has quit [Quit: Konversation terminated!]
19:49
<
hexa- >
ris: there is this python2 question coming up again
19:50
<
hexa- >
pillow/6.nix :)
19:51
<
ris >
yeah i don't know wtf i can really do about that, at the moment i'm seeing to what extent i can patch py3 on 20.09 for the recent vulnerabilities
19:51
<
hexa- >
yeah, I totally get it
19:51
<
hexa- >
its a dumbsterfire
19:51
<
ris >
i honestly don't know how they manage it
19:52
<
ris >
it's a one-project vulnerability factory
19:52
<
hexa- >
with lots of good intentions
19:52
<
ris >
i have 5 CVEs myself on it
19:52
<
ris >
well, a lot of legacy code
21:45
<
ajs124 >
didn't we just update webkitgtk?
22:09
<
hexa- >
ajs124: yep
22:09
<
hexa- >
ajs124: also this time no 2.30.7
22:10
<
hexa- >
ris: lets mark pillow for 2.7 as vulnerable and lets move one
22:10
<
hexa- >
or is that for python3?
22:11
<
ris >
i'm still doing the py3 one - i'll just mangle the patch and keep it in-tree, it's not big at least
22:11
<
ris >
py2 i don't think we have a choice
22:11
<
ris >
don't see it as practical
22:35
cjb has joined #nixos-security
22:35
cjb is now known as Guest92781
22:37
Guest92781 is now known as cjb
23:04
<
{^_^} >
#117991 (by mweinelt, 1 minute ago, open): webkitgtk: 2.30.6 -> 2.32.0
23:59
supersandro2000 has quit [Disconnected by services]
23:59
supersandro2000 has joined #nixos-security