How the xz backdoor highlights a major flaw in Nix | Shade's Blog
How the xz backdoor highlights a major flaw in Nix | Shade's Blog
shadeyg56.vercel.app How the xz backdoor highlights a major flaw in Nix | Shade's Blog
Background On Friday, March 29th, 2024, a historical and sophisticated security vulnerability (CVE-2024-3094) was discovered in the XZ Utils package and liblzma api in version 5.6.0 and 5.6.1. While this vulnerability mostly affects Debian and RedHat distributions, there was some interesting discuss...