Hi Guixers,

Just stumbled upon this recently discovered supply chain attack on xz, inserting a backdoor via test files [1, 2]. And it made me wonder, what would have been the effects on Guix and how can we potentially avoid it?

Stay safe!
Reza

[1] https://www.openwall.com/lists/oss-security/2024/03/29/4
[2] https://access.redhat.com/security/cve/cve-2024-3094#cve-cvss-v3