Why Nostr? What is Njump?
2024-03-31 18:00:56

Dr. Hax on Nostr: Wow, right after I posted that, I found out that the same account that introduced the ...

Wow, right after I posted that, I found out that the same account that introduced the xz backdoor also introduced a vulnerability into libarchive in 2021!

It wasn't caught until two days ago, and only because the xz backdoor happened to get caught.

So yeah, more evidence that this happens more frequently than people realize.

Source: https://boehs.org/node/everything-i-know-about-the-xz-backdoor
quoting
What's really gonna bake your noodle later on is, how many times has this happened before and nobody caught it?
Author Public Key
npub16v82nr4xt62nlydtj0mtxr49r6enc5r0sl2f7cq2zwdw7q92j5gs8meqha