this post was submitted on 30 Mar 2024
120 points (96.2% liked)
Sysadmin
7566 readers
1 users here now
A community dedicated to the profession of IT Systems Administration
No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
[email protected]
[email protected]
[email protected]
[email protected]
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
No, it was snuck into the website download of the source code. If you got it from GitHub it was fine, if you got it from their website you got pwnd
That's not correct as far as I can tell. The backdoored code ended up in release tarballs (but not source tarballs because of
autoconf
fuckery), see eg. this mailing list discussion.Ah, you’re right. I wasn’t aware they had release tars on GitHub as well