Ariadne Conill 🐰 on Nostr: The XZ Utils backdoor is a symptom of a larger problem: On March 29th, Andres Freund ...
The XZ Utils backdoor is a symptom of a larger problem:
On March 29th, Andres Freund dropped a bombshell on the oss-security mailing list: recent XZ Utils source code tarball releases made by Jia Tan were released with a backdoor. Thankfully, for multiple reasons, Alpine was not impacted by this backdoor, despite the recent source code tarball releases being published in Alpine edge.
https://ariadne.space/2024/04/02/the-xz-utils-backdoor-is-a-symptom-of-a-larger-problem/
On March 29th, Andres Freund dropped a bombshell on the oss-security mailing list: recent XZ Utils source code tarball releases made by Jia Tan were released with a backdoor. Thankfully, for multiple reasons, Alpine was not impacted by this backdoor, despite the recent source code tarball releases being published in Alpine edge.
https://ariadne.space/2024/04/02/the-xz-utils-backdoor-is-a-symptom-of-a-larger-problem/