The big story right now is the recently uncovered backdoor in liblzma (aka XZ) – a relatively obscure compression library that happens to be a dependency of OpenSSH.
This incident is noteworthy for so many reasons: the exploit itself, how it was deployed, how it was found, what it says about our industry & how the community reacted. Let’s dig in!
Changelog++ members support our work, get closer to the metal, and make the ads disappear. Join today!
Sponsors:
CHANGELOG
when you sign up for Sentry to get $100 off their team plan. ✊
Featuring: