Atemu to Linux • 2 months agobackdoor in upstream xz/liblzma leading to ssh server compromisewww.openwall.commessage-square100arrow-up1528arrow-down15cross-posted to: technologie@jlai.luselfhosted@lemmy.worldlinux@lemmy.worldnetsec@lemmy.worldprogramming@programming.devsaugumas@group.ltcybersecurity@sh.itjust.workshackernews@lemmy.smeargle.fanssecurity
arrow-up1523arrow-down1external-linkbackdoor in upstream xz/liblzma leading to ssh server compromisewww.openwall.comAtemu to Linux • 2 months agomessage-square100cross-posted to: technologie@jlai.luselfhosted@lemmy.worldlinux@lemmy.worldnetsec@lemmy.worldprogramming@programming.devsaugumas@group.ltcybersecurity@sh.itjust.workshackernews@lemmy.smeargle.fanssecurity
minus-squareDaniel QuinnlinkfedilinkEnglish3•2 months agoWhy didn’t this become a thing? Surely in 2024, we should be able to build packages from source and sign releases with a private key.
minus-square@Natanael@slrpnk.netlinkfedilink5•2 months agoIt’s becoming more of a thing but a lot of projects are so old that they haven’t been able to fix their entire build process yet
Why didn’t this become a thing? Surely in 2024, we should be able to build packages from source and sign releases with a private key.
It’s becoming more of a thing but a lot of projects are so old that they haven’t been able to fix their entire build process yet