On Sat, Mar 30, 2024 at 11:37 AM Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> You might have seen reports today about a very complex exploit added to
> recent versions of liblzma. Fortunately, it was only enabled two months
> ago and has not been pushed to most stable operating systems like Debian
> and Ubuntu. The original detection report is:
>
> https://www.openwall.com/lists/oss-security/2024/03/29/4
Incredible work from Andres. The attackers made a serious strategic
mistake: they made PostgreSQL slightly slower.