WARNING: Malicious code in current pre-release & testing versions/variants: F40 and rawhide affected - users of F40/rawhide need to respond
WARNING: Malicious code in current pre-release & testing versions/variants: F40 and rawhide affected - users of F40/rawhide need to respond

WARNING: Malicious code in current pre-release & testing versions/variants: F40 and rawhide affected - users of F40/rawhide need to respond

I'm genuinely disturbed that a person who was a core developer could just go rogue.
From what I've been reading, it sounds like they were malicious from the very beginning. The work to integrate the malware goes back to 2021. https://boehs.org/node/everything-i-know-about-the-xz-backdoor
It's an extremely sophisticated attack that was hidden very well, and was only accidentally discovered by someone who noticed that rejected SSH connections (eg invalid key or password) were using more CPU power and taking 0.5s longer than they should have. https://mastodon.social/@AndresFreundTec/112180406142695845
From that post, commits set to UTC+0800 and activity between UTC 12-17 indicate that the programmer wasn't operating from California but from another country starting with C. The name is also another hint.
Unrelated, I really like the idea that the author of that blog post to place the favicon near each link
Yeah, what if they go blue next?
(It's rogue not rouge)
I'm pretty sure you just said the same word twice
I'm kinda hoping it was just that a state sponsored attacker showed up on their door and said "include this snippet or else..." otherwise it's terrifying thinking of someone planning some long con like this
We are all relying on the honesty of a few overworked volunteers...
They could of been working for Russia or someone else