My mastodon feed is full of IT security specialist talking about the xz affair where someone let a backdoor in some library.
But beside showing the two side of Free/Libre software (anybody can add a backdoor, and anybody can spot it), I have no idea how it impacts the average person. Is it a common library or something used only by specific application ? Would my home-grade router protects me ?
Not just a day, a full month the backdoor was available. On the Arch Repo, v5.6.0 was uploaded on February 24th. Will be similar to other repos.
I believe 5.6.0 was in Debian testing for almost a month too.
Thanks for the correction. A full month is much more problematic.