- cross-posted to:
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
Hopefully this does not affect you but if you are running something like Arch, OpenSUSE tumbleweed, Debian sid or Fedora Rawhide and use SSH for remote access you should do a full wipe.
That’s not correct as far as I can tell. The backdoored code ended up in release tarballs (but not source tarballs because of
autoconf
fuckery), see eg. this mailing list discussion.Ah, you’re right. I wasn’t aware they had release tars on GitHub as well