On Fri, Mar 29 2024 at 07:56:49 PM +00:00:00, Richard W.M. Jones rjones@redhat.com wrote:
secalert are already well aware and have approved the update. Kevin Fenzi, myself and others were working on it late last night :-(
Sorry, I linked to the wrong article. I meant to link to [1] which says that "At this time the Fedora Linux 40 builds have not been shown to be compromised. We believe the malicious code injection did not take effect in these builds." But this statement contradicts my findings above, and you just replied "yes" to those, implying that my understanding is correct. So I guess either this blog post is wrong and needs to be updated, or you're wrong about me being right. Er, correct? :)
[1] https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-u...