Hopefully this does not affect you but if you are running something like Arch, OpenSUSE tumbleweed, Debian sid or Fedora Rawhide and use SSH for remote access you should do a full wipe.

  • @[email protected]
    link
    fedilink
    37 months ago

    No, it was snuck into the website download of the source code. If you got it from GitHub it was fine, if you got it from their website you got pwnd

    • @[email protected]
      link
      fedilink
      47 months ago

      That’s not correct as far as I can tell. The backdoored code ended up in release tarballs (but not source tarballs because of autoconf fuckery), see eg. this mailing list discussion.