[gnutls-devel] GnuTLS | add cmake (!1908)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Sun Dec 22 06:06:41 CET 2024
Maxim Cournoyer commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1908#note_2270890731
I'd consider both Autotools and Meson to be equally insecure, given you can run any external command in Meson as part of a build, so the argument seems moot to me. Also note that the XZ exploit was in part in the dist release tarball and part in the git repository: the source itself had been compromised. If some contributor is able to sneak bad things in the source, it's compromised, and the build system won't help much.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1908#note_2270890731
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20241222/a2b3e1ea/attachment.html>
More information about the Gnutls-devel
mailing list