| 23 Oct 2023 |
|  SomeoneSerge (matrix works sometimes) changed their display name from Someone (UTC+3) to SomeoneSerge (UTC+1). | 09:09:21 |
|  globin left the room. | 09:49:04 |
|  globin set a profile picture. | 14:27:40 |
| 24 Oct 2023 |
 hexa | working on openssl | 14:03:43 |
| hexa |
Mitigate incorrect resize handling for symmetric cipher keys and IVs. (CVE-2023-5363)
| 14:07:36 |
| hexa | https://github.com/openssl/openssl/blob/openssl-3.0.12/NEWS.md#major-changes-between-openssl-3011-and-openssl-3012-24-oct-2023 | 14:07:41 |
 K900 | That doesn't look too bad at least | 14:08:04 |
| hexa | https://github.com/NixOS/nixpkgs/pull/263150 | 14:14:26 |
| hexa |
Fix incorrect key and IV resizing issues when calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() with OSSL_PARAM parameters that alter the key or IV length (CVE-2023-5363).
| 14:20:20 |
| hexa | now with more words! | 14:20:24 |
 @mtheil:scs.ems.host | hexa: Do you also open a PR for 23.05 or can I? | 14:43:56 |
| hexa | hrm, backport action won't do it, because of openssl_3_1 | 14:44:53 |
| @mtheil:scs.ems.host | yep | 14:44:58 |
| hexa | make sure to cherry-pick with -x | 14:45:08 |
| hexa | and make sure to change hash back to sha256 | 14:45:22 |
| hexa | we're not in a hurry really, because staging-next will likely go first | 14:46:55 |
