Looks like someone managed to get a backdoor into ssh in Fedora and Debian testing. Patch systems ASAP.
https://www.openwall.com/lists/oss-security/2024/03/29/4
Impressive how this was caught within three weeks of the first malicious commit.
Please Login to reply.
Honestly that’s mostly cause the exploit was kinda shitty, though…
*) by chance
Because it added a 0.4 second delay on ssh logins and someone decided to have a look.
