DieserTypMatthias,
@DieserTypMatthias@lemmy.ml avatar

Just don’t package it. And if you have to, sandbox it in Firejail or in Bubblewrap. Or just make Snap out of it.

rotopenguin, (edited )
@rotopenguin@infosec.pub avatar

My $0.05 reading of it is that they want to hose down the build servers* and start clean, in case if the attacker escaped the sandboxing there.

  • (the computers that compile all of the new packages from source, not web servers that are handing out finished deb binaries to the public.)
style99,
style99 avatar

They're rebuilding all the newer builds "out of an abundance of caution." The servers themselves obviously don't run on experimental software.

rollingflower,

This.

rollingflower,

They dont run experimental software on their build servers.

avidamoeba,
@avidamoeba@lemmy.ca avatar

That would make sense if they ran servers on non-LTS release. Do they do that?

KarnaSubarna,
@KarnaSubarna@lemmy.ml avatar

Further read: discourse.ubuntu.com/t/…/43801?u=d0od

  • All
  • Subscribed
  • Moderated
  • Favorites
  • linux@lemmy.ml
  • rosin
  • thenastyranch
  • ethstaker
  • osvaldo12
  • mdbf
  • DreamBathrooms
  • InstantRegret
  • magazineikmin
  • Youngstown
  • ngwrru68w68
  • slotface
  • GTA5RPClips
  • kavyap
  • cubers
  • JUstTest
  • everett
  • cisconetworking
  • tacticalgear
  • anitta
  • khanakhh
  • normalnudes
  • Durango
  • modclub
  • tester
  • provamag3
  • Leos
  • megavids
  • lostlight
  • All magazines
    •