qemu-devel
[
Top
][
All Lists
]
Advanced
[
Date Prev
][
Date Next
][
Thread Prev
][
Thread Next
][
Date Index
][
Thread Index
]
Backdoor in xz, should we switch compression format for tarballs?
From
:
Paolo Bonzini
Subject
:
Backdoor in xz, should we switch compression format for tarballs?
Date
:
Fri, 29 Mar 2024 18:59:30 +0100
For more info, see
https://lwn.net/ml/oss-security/20240329155126.kjjfduxw2yrlxgzm@awork3.anarazel.de/
but, essentially, xz was backdoored and it seems like upstream was directly responsible for this.
Based on this, should we switch our distribution from bz2+xz to bz2+zstd or bz2+lzip?
Thanks,
Paolo
reply via email to
[Prev in Thread]
Current Thread
[
Next in Thread
]
Backdoor in xz, should we switch compression format for tarballs?
,
Paolo Bonzini
<=
Re: Backdoor in xz, should we switch compression format for tarballs?
,
Alex Bennée
,
2024/03/29
Re: Backdoor in xz, should we switch compression format for tarballs?
,
Daniel P . Berrangé
,
2024/03/29
Re: Backdoor in xz, should we switch compression format for tarballs?
,
Alex Bennée
,
2024/03/29
Re: Backdoor in xz, should we switch compression format for tarballs?
,
Stefan Hajnoczi
,
2024/03/30
Re: Backdoor in xz, should we switch compression format for tarballs?
,
Michael Tokarev
,
2024/03/31
Prev by Date:
Re: [PATCH 1/1] e1000: Get debug flags from an environment variable
Next by Date:
Re: [RFC PATCH v2 4/6] cxl/core: report poison when injecting from debugfs
Previous by thread:
[PATCH v3 0/5] hw/char: Implement the STM32L4x5 USART, UART and LPUART
Next by thread:
Re: Backdoor in xz, should we switch compression format for tarballs?
Index(es):
Date
Thread