2025-02-04 11:22:35 <Foxboron> ncopa9: I'm not in any other alpine channels, but do check if Hetzner is willing to sponsor a price reduction in their datacenters
2025-02-04 11:22:48 <Foxboron> It's been quite lucrative for the Arch infra over the years
2025-02-04 11:23:02 <ikke> Foxboron: We've been recommended that by others as well, we'll be looking into it
2025-02-04 11:23:09 <Foxboron> ikke: Awesome, glad to hear :)
2025-02-04 11:23:30 <Foxboron> We also have quite a setup for bootstrapping Arch servers in their infra, that might be worth looking into if you need
2025-02-04 11:24:28 <Foxboron> https://gitlab.archlinux.org/archlinux/infrastructure/-/tree/master/roles/install_arch?ref_type=heads
2025-02-04 11:24:55 <ikke> Foxboron: thanks
2025-02-04 11:25:05 <Foxboron> Good luck!
2025-02-06 13:01:59 <ncopa> Foxboron: i have had a few days off, so sorry for ignoring. thanks for the tip!
2025-02-06 13:02:20 <Foxboron> ncopa: No worries :) hope you a couple of nice days off
2025-02-06 13:03:41 <ncopa> i have been able to relax. really relax. which is good
2025-02-11 17:42:02 <dne> https://openssl-library.org/news/secadv/20250211.txt
2025-02-11 17:42:42 <dne> (I guess they meant 3.3.3 where it says 3.3.2)
2025-02-12 22:46:41 <fossdd[m]> dalias mentioned in #musl-distros a CVE is coming tomorrow (13 feb) around 16:00 UTC
2025-02-13 04:08:59 <ikke> fossdd: we've been notified
2025-02-13 19:13:18 <ncopa> thank fossdd[m] for quick MR
2025-02-13 19:37:29 <fossdd[m]> thank you for merging so quickly
2025-02-13 20:30:43 <kpcyrd> CVE-2025-26519 for those following along from the backseats https://www.openwall.com/lists/musl/2025/02/13/1
2025-02-13 20:33:29 <jvoisin> this isn't the first iconv-related bug in a libc. Maybe i should fuzz it
2025-02-13 23:43:38 <ncopa> seems like our security tracker has not yet picked up v3.21 https://security.alpinelinux.org/branch/3.21-main
2025-02-13 23:46:45 <ncopa> https://security.alpinelinux.org/vuln/CVE-2024-12797 does not show us as fixed in 3.19 and 3.18?
2025-02-13 23:47:32 <ncopa> ah, it does not affect those
2025-02-15 18:01:21 <steinex> https://github.com/superseriousbusiness/gotosocial/releases/tag/v0.17.4 shouldn't this be bumped for older versions than edge too?
2025-02-15 18:03:03 <ikke> https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/79923
2025-02-15 18:04:28 <steinex> ah, thanks :)
2025-02-15 18:07:21 <ikke> It's in community, so only 3.21 is supported
2025-02-15 18:11:54 <steinex> i know, i am on community. still wondered why i'm still on 0.17.3. but that explains it :) no pressure and thanks for your work
2025-02-18 12:28:00 <dne> openssh CVEs: https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt
2025-02-18 12:28:21 <dne> !80217 !80220
2025-02-21 01:24:21 <jvoisin> https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/80323 ← as this fixes an auth-bypass, what's the process to have it merged quickly?