this post was submitted on 03 Apr 2024
36 points (89.1% liked)

Nix / NixOS

pbsds@lemmy.ml 4 points 5 months ago (1 children)

If the issue had been critical, then the branch head could be rolled back, causing everyone to downgrade.

Atemu@lemmy.ml 2 points 5 months ago* (last edited 5 months ago)

That's a nice idea in theory but not possible in practice as the last Nixpkgs revision without a tainted version of xz is many months old. You'd trade one CVE for dozens of others.