00:04:42 i gtg, but if this somehow still produces the same i686 linux archive: can you exec into your gitrun container and look for unbound-1.19.1-86cd726f39e.tar.gz and zeromq-4.3.4-ce87484fee4.tar.gz, docker cp them out of there and upload them somewhere for me? 00:05:57 you got it 00:06:23 thanks for the patience. I don't think this is user error. one way or another, happy to help 02:40:44 alright, I will have to upload those items for you. hash still same as last time. docker inspect --format='{{index .RepoDigests 0}}' ubuntu:bionic returns error: no such object: ubuntu:bionic. Weird. Will look tomorrow 03:12:47 https://send.vis.ee/download/94ab4016df0ac303/#hbEBAtc1zggVWBnackLJfw 03:14:14 net/tor: improve address parsing https://paste.debian.net/hidden/72ed4eb6 03:15:09 Sorry, should also link writeup (if you can call it that): https://codeberg.org/jpk68/monero/pulls/13 03:22:45 cc sech1 03:35:48 LGTM 09:30:14 hi folks - is there a list somewhere of current core team members? 09:34:05 Did you look on getmonero.org ? If it's anywhere, it's most likely there. 09:37:07 Yep I did, couldn’t see anything authoritative. 09:38:12 Just looking to see how big the team is really. No hass. 09:46:05 scoobybejesus: can you send me the output of: docker history --no-trunc base-bionic-amd64 09:46:14 and also docker exec -it gitian-target bash and then the output of apt list --installed 10:35:57 john_alan: They're all around you, answering your questions too. 😁 10:36:10 https://mrelay.p2pool.observer/m/matrix.org/THrFIUSfZbrjvvoIKIYfInBD.jpg (Screenshot_20260509-172340.jpg) 11:14:04 yes > using a reproducibility issue on an unimportant target (e.g. i686 linux) to get all builders to use fresh (malicious) images is exactly how i would expect someone to attempt to backdoor our gitian builds 13:19:26 <321bob321> @xorchi2:matrix.org: There everywhere, but nowhere