Le 30-03-2024, Lawrence D'Oliveiro <
ldo@nz.invalid> a écrit :
... are like the anti-fluoridationists of the Open Source world.
See my battle with trying to explain the issue with the liblzma
vulnerability here
<https://forums.theregister.com/forum/all/2024/03/29/malicious_backdoor_xz/>,
and weep. And discuss.
There's nothing very interesting here. I read the first few messages and
get tired very soon.
Two things are well known since a very long time:
- If something is well spread: an issue will infect a lot of people.
- Attacks are more and more subtil and need to use a lot of components.
The fact that ssh and systemd are well spread doesn't mean they are
bad. It means that one be very careful when using them. Which is the
case, with archlinux: containers created during a few weeks window have
been infected and the vulnerability has been solved very fast. So
nothing new under the sun.
--
Si vous avez du temps à perdre :
https://scarpet42.gitlab.io
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)