Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://chaos.social/users/rugk/statuses/112187552016889624">rugk (rugk@chaos.social)'s status on Sunday, 31-Mar-2024 22:48:57 JST</a><a href="https://chaos.social/@rugk" title="rugk@chaos.social"><img src="https://gnusocial.jp/avatar/134997-48-20241113111934.webp" width="48" height="48" alt="rugk" style="position: absolute; left: 0; top: 0;">rugk</a><div><a href="https://social.coop/@eb/112180540086255196" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p><a href="https://social.coop/@eb">@eb</a> aner news, another subtle thing fixed: <a href="https://chaos.social/@danderson@hachyderm.io/112185746040563778" rel="nofollow noreferrer">https://chaos.social/@danderson@hachyderm.io/112185746040563778</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2879228#notice-5733278">In conversation</a><time datetime="2024-03-31T22:48:57+09:00" title="Sunday, 31-Mar-2024 22:48:57 JST">about a year ago</time> <span>from <span><a href="https://chaos.social/@rugk/112187552016889624" rel="external" title="Sent from chaos.social via ActivityPub">chaos.social</a></span></span><a href="https://chaos.social/@rugk/112187552016889624">permalink</a><h4>Attachments</h4><ol><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="https://hachyderm.io/@danderson/112185746000358589">Dave Anderson (@danderson@hachyderm.io)</a></h5><div> from <span>Dave Anderson</span></div></header><div>The poor original maintainer of xz is on it now, and has already found another "fun" thing: https://git.tukaani.org/?p=xz.git;a=commitdiff;h=f9cf4c05edd14dedfe63833f8ccbe41b55823b00 . The configure check for enabling the Landlock sandboxing facility was subtly broken, so that Landlock support would never get enabled. The original malicious commit landed around the same timeframe as the main backdoor, also at an abnormal time of day compared to the new maintainer's historical activity pattern.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
rugk (rugk@chaos.social)'s status on Sunday, 31-Mar-2024 22:48:57 JSTrugk
in reply to
- Evan B🥥ehs
@eb aner news, another subtle thing fixed: https://chaos.social/@danderson@hachyderm.io/112185746040563778
In conversationabout a year ago from chaos.socialpermalink
Attachments
1. No result found on File_thumbnail lookup.
  Dave Anderson (@danderson@hachyderm.io)
  from Dave Anderson
  The poor original maintainer of xz is on it now, and has already found another "fun" thing: https://git.tukaani.org/?p=xz.git;a=commitdiff;h=f9cf4c05edd14dedfe63833f8ccbe41b55823b00 . The configure check for enabling the Landlock sandboxing facility was subtly broken, so that Landlock support would never get enabled. The original malicious commit landed around the same timeframe as the main backdoor, also at an abnormal time of day compared to the new maintainer's historical activity pattern.

Public

Embed Notice

HTML Code

Corresponding Notice