After several weeks without new vulnix results, we have the first vulnerability roundup based on the JSON feeds and the new version matching code in vulnix 1.9.x.
The Monster List™ is here: https://github.com/NixOS/nixpkgs/issues?utf8=✓&q=is%3Aissue+is%3Aopen+"Vulnerability+roundup+77"
72 issues. Phew. Quite a lot.
Some people have already started to work on the issues. That’s great! There are also false positives and false negatives. Based on the experiences with the first production run of the new matching code I’ll try to refine matching and weed out bugs.
Some people have already started fixing security stuff without having a new vulnerability roundup in place. Great to see that security is really a concern! Special mention to @risicle here. This means that when you start working on an issue which is part of the vulnerability roundup, please make sure that there is not already some patch/update/… present. We should avoid doing duplicate work.
I’d like to thank everyone who’s doing updates, patches, testing, reviewing, commenting.