Am Freitag, dem 29.03.2024 um 23:20 +0100 schrieb Moritz Mühlenhoff: > Russ Allbery <rra@debian.org> wrote: > > I think this question can only be answered with reverse-engineering of the > > backdoors, and I personally don't have the skills to do that. > > In the pre-disclosure discussion permission was asked to share the payload > with a company specialising in such reverse engineering. If that went > through, I'd expect results to be publicly available in the next days. If there is a final result, can we as a project share the results on a prominent place? Or at least under d-devel-announce and/or d-security- announce? I was also wondering about what could have been compromised, what data might have been stolen, etc. And there is so many sources to follow right now. So sharing the final results would be great. Regards, Daniel
Attachment:
signature.asc
Description: This is a digitally signed message part