• @Farnsworth
    link
    39 months ago

    The tukaani github repos are gone, is there a mirror somewhere?

    • @fluxion
      link
      English
      99 months ago

      Tukaani main website

      • @[email protected]
        link
        fedilink
        5
        edit-2
        9 months ago

        Though unfortunately (or I guess for most use-cases fortunately) you can’t find the malicious m4/build-to-host.m4 file on there afaik. The best way to find that now, should you really want to, is by looking through the commit history of the salsa.debian.org/debian/xz-utils repository which is, as far as I understand it, the repository that the debian packages are built from and consequently also what the compromised packages were built from.