26 Mar 2025 |
Emma [it/its] | * to the best of my understanding | 22:57:04 |
Emma [it/its] | the patch fixes federation and handling broken rooms fwiw | 22:57:49 |
Emma [it/its] | in particular, if either your server or any server youre joining via arent patched, the join will fail with a number out of range error | 22:58:43 |
Sumner Evans | from what I understand, it's only outbound federation traffic that is affected. Confirming with the synapse devs | 22:59:32 |
Sumner Evans | Redacted or Malformed Event | 23:00:24 |
Sumner Evans | Redacted or Malformed Event | 23:03:46 |
Sumner Evans | from the maintainers:
Inbound traffic can cause outbound traffic to fail across all rooms
Personally, I think this is serious enough to bump the channels. | 23:04:41 |
Sumner Evans | Redacted or Malformed Event | 23:04:48 |
f0x | In reply to @sumner:nevarro.space from what I understand, it's only outbound federation traffic that is affected. Confirming with the synapse devs. I think that if it's only possible for users on your own homeserver to cause this problem, then we don't have to bump the channel https://github.com/element-hq/synapse/security/advisories/GHSA-v56r-hwv5-mxg6 states "a malicious server" so pretty sure this is exploitable over federation | 23:05:21 |
Sumner Evans | Redacted or Malformed Event | 23:05:45 |
emily | I'd suggest asking for a bump in #infra:nixos.org. I have the technical permissions but I don't feel confident in using them unilaterally here | 23:08:07 |
emily | e.g., it would delay the security fixes currently building on staging-next-24.11 | 23:08:18 |
Emma [it/its] | no its caused by remote users in particular | 23:08:44 |
Emma [it/its] | @ndzA8wy:mittens.jumpingcrab.com
@ZQqejO:mittens.jumpingcrab.com
@2cwBli9fJY:mittens.jumpingcrab.com
@hIuTKmCQjQ:mittens.jumpingcrab.com
@byJbUSec:optane.twilightparadox.com
@0dIr0JN:optane.twilightparadox.com
@q2PXjFrjI:optane.twilightparadox.com
@LfnjbI:optane.twilightparadox.com
@B8OWSs:optane.twilightparadox.com
@04zkgFxWPw:optane.twilightparadox.com
@eHvmaxWj:optane.twilightparadox.com
@yb4jUx:optane.twilightparadox.com
@VEloRu:vengeance.ignorelist.com
@BVbuVa:vengeance.ignorelist.com
@zYSwMcf25:vengeance.ignorelist.com
@Du6J9zkG:vengeance.ignorelist.com
@UkbIyOUyNL:vengeance.ignorelist.com
| 23:10:23 |
Emma [it/its] | here's the 3 homeservers that caused it | 23:10:33 |
27 Mar 2025 |
hexa | next time raise this earlier | 00:52:15 |
hexa | triggered nixos-24.11-small eval and bumped it to front | 00:52:29 |
hexa | ok, everything built | 01:39:24 |
hexa | channel scripts are working through the eval | 01:39:36 |
hexa | nixos-24.11-small advanced | 01:45:28 |
hexa | unstable-eval bumped as well | 01:47:26 |
hexa | updating the nixos.org homeserver next | 01:47:35 |
hexa | * updating the nixos.org homeserver next 🤞 | 01:47:42 |
hexa | this is the new space, the old one has a red icon | 01:47:57 |
hexa | #oldspace:nixos.org | 01:48:04 |
hexa | * #oldspace:nixos.org iirc | 01:48:16 |
hexa | unstable-small also ready in a few miniutes | 02:39:49 |
hexa | * unstable-small also ready in a few minutes | 02:39:51 |
hexa | * unstable-small also ready | 02:40:14 |
28 Mar 2025 |
Ralith | did the stable channels get bumped yet? | 16:53:43 |