• @fluxion
    link
    English
    99 months ago

    Tukaani main website

    • @[email protected]
      link
      fedilink
      5
      edit-2
      9 months ago

      Though unfortunately (or I guess for most use-cases fortunately) you can’t find the malicious m4/build-to-host.m4 file on there afaik. The best way to find that now, should you really want to, is by looking through the commit history of the salsa.debian.org/debian/xz-utils repository which is, as far as I understand it, the repository that the debian packages are built from and consequently also what the compromised packages were built from.