Karna to Linux@lemmy.ml • 9 months agoUbuntu 24.04 Beta Delayed Due To XZ Nightmarewww.phoronix.comexternal-linkmessage-square7fedilinkarrow-up1114arrow-down15cross-posted to: ubuntu@discuss.tchncs.deubuntu@lemmy.mllinux@lemmy.world
arrow-up1109arrow-down1external-linkUbuntu 24.04 Beta Delayed Due To XZ Nightmarewww.phoronix.comKarna to Linux@lemmy.ml • 9 months agomessage-square7fedilinkcross-posted to: ubuntu@discuss.tchncs.deubuntu@lemmy.mllinux@lemmy.world
minus-square@rotopenguin@infosec.publinkfedilinkEnglish39•edit-29 months agoMy $0.05 reading of it is that they want to hose down the build servers* and start clean, in case if the attacker escaped the sandboxing there. * (the computers that compile all of the new packages from source, not web servers that are handing out finished deb binaries to the public.)
minus-squarestyle99linkfedilink31•9 months agoThey’re rebuilding all the newer builds “out of an abundance of caution.” The servers themselves obviously don’t run on experimental software.
minus-squareAvid Amoebalinkfedilink5•9 months agoThat would make sense if they ran servers on non-LTS release. Do they do that?
minus-square@rollingflowerlink3•9 months agoThey dont run experimental software on their build servers.
My $0.05 reading of it is that they want to hose down the build servers* and start clean, in case if the attacker escaped the sandboxing there.
* (the computers that compile all of the new packages from source, not web servers that are handing out finished deb binaries to the public.)
They’re rebuilding all the newer builds “out of an abundance of caution.” The servers themselves obviously don’t run on experimental software.
This.
That would make sense if they ran servers on non-LTS release. Do they do that?
They dont run experimental software on their build servers.