Gottox, 2 months ago The worst conclusion I read from the #xz backdoor was to blame autotools. Yes there are better build systems out there, but it's naive to believe that with cmake/meson/make supplychain attacks are avoidable.
The worst conclusion I read from the #xz backdoor was to blame autotools. Yes there are better build systems out there, but it's naive to believe that with cmake/meson/make supplychain attacks are avoidable.
vwbusguy, 2 months ago @Gottox One of the injections targeted Cmake as well. https://git.tukaani.org/?p=xz.git;a=commitdiff;h=f9cf4c05edd14dedfe63833f8ccbe41b55823b00
@Gottox One of the injections targeted Cmake as well.
https://git.tukaani.org/?p=xz.git;a=commitdiff;h=f9cf4c05edd14dedfe63833f8ccbe41b55823b00
Add comment