Lemmy for LUS
  • Communities
  • Create Post
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
Karna to Linux@lemmy.ml • 1 year ago

Ubuntu 24.04 Beta Delayed Due To XZ Nightmare

www.phoronix.com

external-link
message-square
7
fedilink
  • cross-posted to:
  • ubuntu@discuss.tchncs.de
  • ubuntu@lemmy.ml
  • linux@lemmy.world
  • news
109
external-link

Ubuntu 24.04 Beta Delayed Due To XZ Nightmare

www.phoronix.com

Karna to Linux@lemmy.ml • 1 year ago
message-square
7
fedilink
  • cross-posted to:
  • ubuntu@discuss.tchncs.de
  • ubuntu@lemmy.ml
  • linux@lemmy.world
  • news
alert-triangle
You must log in or register to comment.
  • @rotopenguin@infosec.pub
    link
    fedilink
    English
    39•
    edit-2
    1 year ago

    My $0.05 reading of it is that they want to hose down the build servers* and start clean, in case if the attacker escaped the sandboxing there.

    • (the computers that compile all of the new packages from source, not web servers that are handing out finished deb binaries to the public.)
    • style99
      link
      fedilink
      31•1 year ago

      They’re rebuilding all the newer builds “out of an abundance of caution.” The servers themselves obviously don’t run on experimental software.

      • @rollingflower@lemmy.kde.social
        link
        fedilink
        6•1 year ago

        This.

    • Avid Amoeba
      link
      fedilink
      5•1 year ago

      That would make sense if they ran servers on non-LTS release. Do they do that?

    • @rollingflower@lemmy.kde.social
      link
      fedilink
      3•1 year ago

      They dont run experimental software on their build servers.

  • KarnaOP
    link
    fedilink
    11•1 year ago

    Further read: https://discourse.ubuntu.com/t/xz-liblzma-security-update-post-2/43801?u=d0od

  • Matt
    link
    fedilink
    -4•
    edit-2
    1 year ago

    Just don’t package it. And if you have to, sandbox it in Firejail or in Bubblewrap. Or just make Snap out of it.

Linux@lemmy.ml

!linux@lemmy.ml
Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !linux@lemmy.ml

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

  • Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
  • No misinformation
  • No NSFW content
  • No hate speech, bigotry, etc

Related Communities

  • !opensource@lemmy.ml
  • !libre_culture@lemmy.ml
  • !technology@lemmy.ml
  • !libre_hardware@lemmy.ml

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

  • 65 users / day
  • 391 users / week
  • 1.69K users / month
  • 5.9K users / 6 months
  • 8 subscribers
  • 8.11K Posts
  • 210K Comments
  • Modlog
  • mods:
  • @AgreeableLandscape@lemmy.ml
  • @nooter692@lemmy.ml
  • @MarcellusDrum@lemmy.ml
  • Arthur Besse
  • Cyclohexane
  • @d3Xt3r@lemmy.nz
  • BE: 0.18.5
  • Modlog
  • Legal
  • Instances
  • Docs
  • Code
  • join-lemmy.org