undefined | Better HN

0 pointsgpm2y ago0 comments

5.6.1-1 was built from what I understand to be one of the affected tarballs. This was patched in 5.6.1-2: https://gitlab.archlinux.org/archlinux/packaging/packages/xz...

I agree on the sshd linking part.

0 comments

tutfbhuf2y ago

Interesting, they just switched from tarballs to source 19 hours ago. It seems to me that Frederik Schwan had prior knowledge of the security issue, or it is just a rare coincidence.

ComputerGuru2y ago

Distributions were notified under embargo.

j / k navigate · click thread line to collapse

0 comments

tutfbhuf2y ago

Interesting, they just switched from tarballs to source 19 hours ago. It seems to me that Frederik Schwan had prior knowledge of the security issue, or it is just a rare coincidence.

ComputerGuru2y ago

Distributions were notified under embargo.

j / k navigate · click thread line to collapse