Y
Hacker News
new
|
ask
|
show
|
jobs
by
gpm
817 days ago
5.6.1-1 was built from what I understand to be one of the affected tarballs. This was patched in 5.6.1-2:
https://gitlab.archlinux.org/archlinux/packaging/packages/xz...
I agree on the sshd linking part.
1 comments
tutfbhuf
817 days ago
Interesting, they just switched from tarballs to source 19 hours ago. It seems to me that Frederik Schwan had prior knowledge of the security issue, or it is just a rare coincidence.
link
ComputerGuru
817 days ago
Distributions were notified under embargo.
link