Hopefully this does not affect you but if you are running something like Arch, OpenSUSE tumbleweed, Debian sid or Fedora Rawhide and use SSH for remote access you should do a full wipe.

  • SMillerNL@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    7 months ago

    No, it was snuck into the website download of the source code. If you got it from GitHub it was fine, if you got it from their website you got pwnd

    • hydroptic@sopuli.xyz
      link
      fedilink
      arrow-up
      0
      ·
      7 months ago

      That’s not correct as far as I can tell. The backdoored code ended up in release tarballs (but not source tarballs because of autoconf fuckery), see eg. this mailing list discussion.