andi- changed the topic of #nixos-security to: Vulnerability Roundup Issues: https://github.com/NixOS/nixpkgs/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+Vulnerability+roundup + https://broken.sh | Currently supported releases: unstable (master), 20.09, 20.03 (until 27th of November)
ris has quit [Ping timeout: 246 seconds]
cjb has quit []
ajs124 has quit [Quit: Bridge terminating on SIGTERM]
ajs124 has joined #nixos-security
andi- has quit [Remote host closed the connection]
andi- has joined #nixos-security
justanotheruser has joined #nixos-security
cole-h has joined #nixos-security
pie_ has quit [Read error: Connection reset by peer]
pie_ has joined #nixos-security
cole-h has quit [Ping timeout: 240 seconds]
FRidh has joined #nixos-security
justanotheruser has quit [Ping timeout: 258 seconds]
rajivr has joined #nixos-security
justanotheruser has joined #nixos-security
hax404 has quit [Remote host closed the connection]
hax404 has joined #nixos-security
ris has joined #nixos-security
FRidh has quit [Quit: Konversation terminated!]
justanotheruser has quit [Ping timeout: 258 seconds]
stigo has quit [Ping timeout: 240 seconds]
stigo has joined #nixos-security
stigo has quit [Ping timeout: 265 seconds]
stigo has joined #nixos-security
aminechikhaoui has quit [Quit: Ping timeout (120 seconds)]
aminechikhaoui has joined #nixos-security
star_cloud has quit [Remote host closed the connection]
star_cloud has joined #nixos-security
star_cloud has quit [Excess Flood]
star_cloud has joined #nixos-security
FRidh has joined #nixos-security
cole-h has joined #nixos-security
<supersandro2000> I don't think we should wait on https://github.com/NixOS/nixpkgs/pull/118343 until end of may
<{^_^}> #118343 (by risicle, 22 hours ago, open): curl: add patches for CVE-2021-22876, CVE-2021-22890
<hexa-> so?
<hexa-> it was add to the milestone so it will not get forgotten
cole-h has quit [Ping timeout: 265 seconds]
<lukegb> oh, I have a patch for new curl that fixes nix's tests
<hexa-> nice
<supersandro2000> can we already look at it? I am curious.
cryptm0d has joined #nixos-security
cryptm0d has quit [Remote host closed the connection]
<{^_^}> mweinelt/nixpkgs#5 (by lukegb, 26 seconds ago, open): curl: add patch for curling directories
<hexa-> uh, why do we patch curl instead of nix?
<lukegb> it's a curl bug, not a nix bug
<lukegb> well, imo anyway
<hexa-> worth reporting upstream at least then
<lukegb> yeah, I'm prepping a PR
<hexa-> thank you
rajivr has quit [Quit: Connection closed for inactivity]
<hexa-> oh, that was over at my fork :D lmao
<lukegb> yup
<lukegb> PRing it into your PR :p
<hexa-> lukegb++ :)
<{^_^}> lukegb's karma got increased to 13
<hexa-> i'll rebase this quickly
<supersandro2000> lukegb++
<{^_^}> lukegb's karma got increased to 14
FRidh has quit [Quit: Konversation terminated!]
<{^_^}> curl/curl#6845 (by lukegb, 26 minutes ago, open): curling directories now returns curl: (36) failed to resume file:// transfer
<{^_^}> curl/curl#6846 (by lukegb, 3 minutes ago, open): file: support GETing directories again
<lukegb> took me a while to figure out how curl's testing infrastructure was supposed to work, holy XML batman
<supersandro2000> lukegb++
<{^_^}> lukegb's karma got increased to 15
<supersandro2000> thanks!
<supersandro2000> Can we ban the following user that abuses github actions for cryptomining preemptivly? https://github.com/edgarfox1982
<hexa-> supersandro2000: report them and let github deal with them
supersandro2000 has quit [Disconnected by services]
supersandro2000 has joined #nixos-security