Jesse Darrone:
> I hate to raise the alarm, but it looks like this should be scrutinized.
>
> It sounds like a backdoor made it into the upstream repository:
> https://www.openwall.com/lists/oss-security/2024/03/29/4
Yes, I just learned. I am investigating.
FWIW, I did look over the complete 5.4.5 -> 5.6.1 diff as part of
my regular update procedure, but didn't catch this in the 144028-line
diff.
--
Christian "naddy" Weisgerber naddy@mips.inka.de
No comments:
Post a Comment