mcc (@mcc@mastodon.social)

Homebrew and Macports users read this now.

https://mastodon.lawprofs.org/@SteveBellovin/112180311536275381

This is about the xz supply chain attack I boosted earlier. (The oss-security post [EDIT: that's https://www.openwall.com/lists/oss-security/2024/03/29/4] is clear, informative and horrifying; you should read it. The entire open source ecosystem is funded on trusting that something like this would never happen.)

EDIT: Correction. Homebrew believes they're immune (https://github.com/orgs/Homebrew/discussions/5243#discussioncomment-8954951), but recommends removing the "untrustworthy" version anyway to be safe.
