• @mumblerfish
    link
    19 months ago

    Depends on distro. But the backdoored package has not been around for more than a few weeks. But the malicious developer have been active for years.