Ubuntu 24.04 Beta Delayed Due To XZ Nightmare
Ubuntu 24.04 Beta Delayed Due To XZ Nightmare
4 crossposts
7 comments
My $0.05 reading of it is that they want to hose down the build servers* and start clean, in case if the attacker escaped the sandboxing there.
* (the computers that compile all of the new packages from source, not web servers that are handing out finished deb binaries to the public.)
11 1 ReplyThey're rebuilding all the newer builds "out of an abundance of caution." The servers themselves obviously don't run on experimental software.
8 0 ReplyThis.
4 0 Reply
That would make sense if they ran servers on non-LTS release. Do they do that?
1 0 ReplyThey dont run experimental software on their build servers.
1 0 Reply
2 0 ReplyJust don't package it. And if you have to, sandbox it in Firejail or in Bubblewrap. Or just make Snap out of it.
1 4 Reply
7 comments
Scroll to top