TL;DR there was a backdoor found in the XZ program. All major distros have been updated but it is recommended that you do a fresh install on systems that are exposed to the internet and that had the bad version of the program. Only upstream distros were affected.

  • Possibly linuxOP
    link
    fedilink
    English
    arrow-up
    8
    ·
    edit-2
    9 months ago

    One still could hide something in source code. I think we need to just be more security aware in general. Having source code isn’t useful if someone deliberately put a security hole in it