| 9 Oct 2024 |
 emily | 
Download image.png | 21:39:41 |
| emily | all it needs is a stale bot response for the perfect GitHub comedy | 21:39:44 |
 Fabián Heredia | https://x.com/vxunderground/status/1844122743727673366
Allegedly web.archive.org compromised | 22:35:58 |
| Fabián Heredia | Currently appears to be only a defacement of the landing page | 22:36:10 |
| emily | oh good | 22:37:06 |
| Fabián Heredia |
| 22:37:57 |
| Fabián Heredia | * plus a DDoS since yesterday | 22:38:13 |
| emily | what do we think about https://github.com/NixOS/nixpkgs/pull/347601, give it a day or just merge now? | 23:02:02 |
| emily | we should probably poke channels once we merge the Tor Browser etc. backports | 23:02:15 |
| emily | so I'm inclined to slap the warning on now | 23:02:19 |
| emily | and consider removal if they don't move fast | 23:02:27 |
| emily | making the judgement call to merge, since it's an actively-exploited RCE | 23:08:03 |
| emily | librewolf{,-bin} had update PRs from 3 weeks ago that nobody acted on | 23:12:51 |
| emily | thankfully not security | 23:13:16 |
| Fabián Heredia | In reply to @fabianhjr:matrix.org
https://x.com/vxunderground/status/1844122743727673366
Allegedly web.archive.org compromised Update: vx-underground claims data breach impacting user data
https://x.com/vxunderground/status/1844158531210973555
| 23:42:58 |
| Fabián Heredia | also lol if true on the motivation of the DDoS. XD | 23:44:28 |
| emily | I finished all the merges and backports of the Firefoxes (that we know of) | 23:57:36 |
| emily | can someone poke the unstable and 24.05 channel evals? | 23:57:41 |
| 10 Oct 2024 |
|  tomberek joined the room. | 00:00:14 |
| Fabián Heredia | release-24.05 evaled 2hrs ago | 00:04:49 |
| Fabián Heredia | trunk an hour ago, trunk-combined 4h ago | 00:05:13 |
| emily | yeah | 00:05:38 |
| emily | but we probably want to get Tor Browser fixes out to users ASAP | 00:05:44 |
| emily | hexa bumped the channel when doing the Firefox PRs originally | 00:05:52 |
| emily | a Tor Browser RCE is kind of worst-case. | 00:06:13 |
| Fabián Heredia | how long ago was the tor bump merged? | 00:06:52 |
| Fabián Heredia | seems like 24.05 is only doing the tests and might advance soonish | 00:07:10 |
| emily | the most recent one was librewolf 24.05 backport 9 minutes ago. most recent for master was exactly 1hr ago | 00:08:08 |
| emily | let me check the commit trunk is evaluating | 00:08:28 |
| emily | uh | 00:08:45 |
