On Thu, 08 May 2008 09:17:08 -0400 Doug Goldstein <[EMAIL PROTECTED]> wrote:
> Ryan Hill wrote: > > The new lzma-utils codebase uses liblzma, written in C. It's at the > > alpha stage but supposedly supports encoding/decoding the current > > lzma format "well enough" (;P). It probably has some fun bugs to > > find and squish. > > > > http://sf.net/mailarchive/forum.php?thread_name=200804251652.58484.lasse.collin%40tukaani.org&forum_name=lzmautils-announce > According to the mailing list this change was done to fix security > holes in the format and also resulted in a slightly different format > that's incompatible with the previous verion. So lzma 5.x and higher > will be a different on disk format. It's troubling to me that > projects are using lzma when it's on disk format isn't even final and > the project has security issues. The current format is fine. It's the new format that has design/security issues. Yes the formats are incompatible, but so are .tar.lzma and .7z, which are both lzma. Either way I was just offering it as a data point. I have no real opinion one way or the other. -- fonts, gcc-porting, by design, by neglect mips, treecleaner, for a fact or just for effect wxwidgets @ gentoo EFFD 380E 047A 4B51 D2BD C64F 8AA8 8346 F9A4 0662
signature.asc
Description: PGP signature
