• azvasKvklenko
    link
    fedilink
    English
    arrow-up
    45
    ·
    6 months ago

    AFAIK, the xz vulnerability was designed for Debian based on its workaround fixing systemd service status detection. Even if it shipped to something like Arch, the malicious code wouldn’t load.