xz/liblzma Compromise Link Roundup
Links to analysis, discussion and more related to the xz/liblzma compromise (CVE-2024-3094).
xz/liblzma Backdoor: Open Source Nuke? Maybe Not That Bad!
hardenedvault.netxz/liblzma Backdoor: Open Source Nuke? Maybe Not That Bad! Story Background On March 29, 2024, a report exposing a backdoor in the upstream source code of the controversial open-source project, the xz software package, was made public on the oss-security mailing list.