On Fri, 2024-04-26 at 08:22 +0930, Tim via users wrote: > > as far as xz, for F40, the affected version was only in updates- > > testing > > for a short time, it never reached stable. The downgrade to the > > older version was pushed later in the day that the announcement > > came out > > about it. > > Thanks. Also wondering how far back the breach went. I remember > reading that the person had being playing the long game about doing > this. They spent a long time setting it up, but the actual breach wasn't introduced until very recently, and IIRC was caught before it made it to a stable release. poc -- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue