sneakyninjapants

@sneakyninjapants@sh.itjust.works

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨How does the xz incident impacts the average user ? #xz⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
Thanks for the correction. A full month is much more problematic.
⁨Comment⁩ on ⁨How does the xz incident impacts the average user ? #xz⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
Thanks, SUSE completely slipped my mind
⁨Comment⁩ on ⁨How does the xz incident impacts the average user ? #xz⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
How does the xz incident impacts the average user ?

It doesn’t.

Average person:
- not running Debian sid, Fedora nightly, or tbh any flavour of Linux.
- ssh service not exposed publicly
The malicious code was discovered within a day or two of upload iirc and presumably very few people were affected by this. There’s more to it but it’s technical and not directly relevant to your question.

For the average person it has no practical impact. For those involved with or interested in software supply chain security, it’s a big deal.