Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
klysm
2y ago
0 comments
Save
Share
I have never seen anybody point to it as a security risk before this happened. Would be happy to see a reference of somebody saying that prior to the xz event
0 comments
1 comments · 1 top-level
top
newest
oldest
angiosperm
2y ago
Report is that shortly before the hole was reported, a PR had been posted requesting to remove the dependency on xz.
j
/
k
navigate · click thread line to collapse
