| 23 May 2021 |
|  maljub01 joined the room. | 20:03:42 |
|  pennae joined the room. | 20:59:57 |
| 24 May 2021 |
|  rajivr joined the room. | 03:35:16 |
|  kunrooted joined the room. | 05:16:05 |
|  moritz.hedtke joined the room. | 14:27:56 |
 hexa | https://github.com/vector-im/element-web/releases/tag/v1.7.29 | 17:14:31 |
| hexa |
Element Web 1.7.29 fixes (by upgrading to olm 3.2.3) an issue in code used for
decrypting server-side stored secrets. The issue could potentially allow a
malicious homeserver to cause a stack buffer overflow in the affected function
and to control that function's local variables.
| 17:14:45 |
| hexa | https://github.com/NixOS/nixpkgs/pull/124276 | 17:14:58 |
| hexa | https://nixpk.gs/pr-tracker.html?pr=124276 Let'see see that PR Tracker | 18:29:00 |
|  ijustwannalurk joined the room. | 21:55:25 |
| 25 May 2021 |
 sumner | Can anyone else review the above and get it merged? | 00:22:13 |
| hexa | merged | 00:26:17 |
| hexa | please create the backport prs | 00:26:25 |
| sumner | hexa: haven't ever done that. Will look into it in a couple hours. | 00:32:56 |
| hexa | thanks! | 00:33:14 |
| sumner | How should I test on 21.05 and 20.09? | 02:56:28 |
 Sandro | What do you want to test? | 02:59:02 |
| sumner | I want to test the following backports:
https://github.com/NixOS/nixpkgs/pull/124326
and
https://github.com/NixOS/nixpkgs/pull/124327 | 03:01:51 |
| sumner | hexa: mentioned that he tested on 20.09 (https://github.com/NixOS/nixpkgs/pull/124276#pullrequestreview-667050318), but I'm not sure the best approach for testing in general since I'm running unstable on all my machines. | 03:02:48 |
| sumner | * hexa mentioned that he tested on 20.09 (https://github.com/NixOS/nixpkgs/pull/124276#pullrequestreview-667050318), but I'm not sure the best approach for testing in general since I'm running unstable on all my machines. | 03:04:08 |
 toonn | Fyi a backport GHAction was recently added might be a good test? | 09:38:44 |
 Synthetica | "recently" | 09:38:59 |
| Synthetica | Literally less than a minute ago :D | 09:39:05 |
| toonn | I'm like a pigeon, time moves very slowly to me : ) | 09:39:53 |
| Synthetica | But yeah, sumner, you should be able to add the label backport release-21.05 and on merge a PR will automatically be opened now | 09:41:04 |
| hexa | We are past creating the backport PRs though, which is all the backport action will create. | 14:04:45 |
| hexa | At some point you have to have confidence, that a backport will not break | 14:05:00 |
| hexa | merged the 20.09 change, which I already tested, but noticed too late, that the cherry-picked from note was missing | 14:07:42 |
| hexa | requested a change for 21.05 | 14:07:49 |
| hexa | sumner: ^ | 14:07:59 |
