On 2024-03-31 19:42:24 [+0000], tony mancill wrote: > Given what has unfolded over the past few days regarding xz-utils and > CVE-2024-3094 [0], should we revisit the patches applied here and for > #1063252? Are they still needed?
Not with the fallback to pre 5.4.x series but *I* don't think this will remain forever. The requirement for the change was different default value for the -T parameter. Recording the -T parameter by default and relying on defaults is good. > Thank you, > tony Sebastian