Y
Hacker News
new
|
ask
|
show
|
jobs
by
joeyh
807 days ago
Not really. xz worked fine 2 years ago. Roll back to 5.3.1 and apply a fix for the 1 security hole that was fixed since that old version. (ZDI-CAN-16587)
Slight oversimplification, see
https://bugs.debian.org/1068024
discussion.
1 comments
kelseydh
802 days ago
This seems true with so many of these core libraries. Change for the sake of change introduces attack vectors. If it ain't broke, don't fix it!
link
account42
802 days ago
Yeah but people will cry "dead project" if there hasn't been a release for a week.
link