• @c10l
    link
    47 months ago

    They mention versions from 5.5.1 are affected.

    Everywhere else I’ve read only 5.6.0 and 5.6.1 are.

    Is this an abundance of caution by the Debian security team, or is Debian’s earlier version affected due to patching done by the package maintainers?

    • lemmyreaderOP
      link
      fedilink
      English
      27 months ago

      Good question. Maybe it has to do with the fact that the backdoor contributor was on the xz project for about two years.

      • @cbarrick
        link
        English
        47 months ago

        Yep. All distros are rolling-back to before JiaT75 was involved.