Re: xz 5.6.0/5.6.1 backdoored, possibly in src/contrib as well

2024-03-29 Thread henrichhartzer
Good to know, thank you! I do think in this case it may be worth going to an older version because the maintainer was actively malicious. Even if *this* vulnerability looks safe. Just feels like playing with fire at the moment. Also, it sounds like libarchive had a suspicious commit by the auth

Re: xz 5.6.0/5.6.1 backdoored, possibly in src/contrib as well

2024-03-29 Thread Tomoaki AOKI
On Sat, 30 Mar 2024 02:15:53 +0100 (CET) henrichhart...@tuta.io wrote:
> Hi everyone,
>
> I recently read through this:
> https://www.openwall.com/lists/oss-security/2024/03/29/4
>
> It sounds like xz 5.6.0 and 5.6.1 are backdoored. Not sure if FreeBSD is or
> not, but it looks like 14-stable

xz 5.6.0/5.6.1 backdoored, possibly in src/contrib as well

2024-03-29 Thread henrichhartzer
Hi everyone,

I recently read through this: https://www.openwall.com/lists/oss-security/2024/03/29/4

It sounds like xz 5.6.0 and 5.6.1 are backdoored. Not sure if FreeBSD is or not, but it looks like 14-stable and main have xz 5.6.0. In my opinion, earlier versions may also be suspect given tha