backdoor in upstream xz/liblzma leading to ssh server compromise
This is the best post I've read about it so far: https://boehs.org/node/everything-i-know-about-the-xz-backdoor
In the fallout, we learn a little bit about mental health in open source.
Reminded me of this, relevant as always, xkcd:
Yes, exactly.
And looking at you npm : npm
That whole timeline is insane, and the fact that anyone even found this in the totally coincidental way they did is very lucky for the rest of us.