undefined | Better HN

0 pointsklysm1y ago0 comments

I have never seen anybody point to it as a security risk before this happened. Would be happy to see a reference of somebody saying that prior to the xz event

0 comments

angiosperm1y ago

Report is that shortly before the hole was reported, a PR had been posted requesting to remove the dependency on xz.

j / k navigate · click thread line to collapse

0 pointsklysm1y ago0 comments

I have never seen anybody point to it as a security risk before this happened. Would be happy to see a reference of somebody saying that prior to the xz event

0 comments

angiosperm1y ago

Report is that shortly before the hole was reported, a PR had been posted requesting to remove the dependency on xz.

j / k navigate · click thread line to collapse