Billy O'Neal ce1916404f
Revert [liblzma] update to version 5.6.0 (#37199) (#37841)
Resolves https://github.com/microsoft/vcpkg/issues/37839
Reverts #37199

See https://www.openwall.com/lists/oss-security/2024/03/29/4

Note that the version database is unmodified, only the baseline is
changed.

Because vcpkg builds liblzma from cmake sources downloaded from github
and this backdoor required modifications only present in the release
tarballs, it is our belief that vcpkg customers are not affected by this
problem. However, we are reverting this version out of an abundance of
caution as the threat actor clearly has broad access to liblzma
infrastructure, and because we believe customers will start flagging
this package by version as being a problem.
2024-03-30 03:30:28 -07:00
..