Thomas Dettbarn <dettus@dettus.net> wrote:
> Hello.
>
>
> Yeah... You know how the social engineering part of this xz
> backhole was done?
>
> Somebody pressured the Maintainer, that he needs to add new
> features.
>
> Afterwards, the maintainers of distributions were pressured to
> update, because there were some "NEW FEATURES" available.
>
> Your post sounded eerie similar. As do some of the gitlog entries.
>
>
> Just my two cents...
> (I am sure that I have not yet earned the privilege to post it on this list,
> but I felt like I had to say something. Blame it on poor impulse control!)
I think that is an uneducated take on the situation. It sounds like:
"I can't really tell, but I'm very suspicious, I'm not going to put
any effort into justifying my suspiciouns, but in the meantime maybe
it is better if everyone stop all open source work of any sort
immediately. Just my pointless two cents."
> On 4/1/24 12:55, Kirill A. Korinsky wrote:
> > Folks,
> >
> > Despite of current security issue with xz/lzma the algortihm itself provides
> > great compression, and the existing XZ Utils provide great compression in
> > the .xz file format, but they produce just one big block of compressed data.
> >
> > Here, a new port which is called archivers/pixz which produces a collection
> > of smaller blocks which makes random access to the original data possible.
> > This is especially useful for large tarballs.
> >
> > This can be used as seprated application or via tar, that described on
> > homepage: https://github.com/vasi/pixz
> >
> > --
> > wbr, Kirill
>
No comments:
Post a Comment