On 30/03/2024 15.45, Michael Catanzaro wrote:
On Sat, Mar 30 2024 at 12:26:48 PM +00:00:00, Christopher Klooz py0xc3@posteo.net wrote:
If I got Rich right, the malicious code is likely to be broken on F40,
No, that is not correct, as explained by [1] and [2]. We have already asked Red Hat to investigate and fix the blog post. This is still an evolving situation; apologies for the confusion as we sort this out.
[1] https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/... [2] https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/...
Then we must have had some communication snafu regarding the Fedora Magazine article, because multiple people including myself flagged the incorrect statement there before the article was published. Hopefully we can get one this fixed, too.
Michael
In case someone from the Fedora Magazine is in the devel mailing list and reads this:
I am not sure if this is intended, but the article on the magazine already spread the false information that "testing" is disabled by default on F40 (this was also spread on LinkedIn - both have been already re-distributed into several channels), and now it says in the first section "Fedora Linux 40 Beta users only using stable repositories are NOT impacted".
I assume that users who already have the false information (which is already widely distributed) in mind do not feel corrected if they now read “Fedora Linux 40 Beta users only using stable repositories are NOT impacted”. They might simply come to the conclusion that they are not affected since they never enabled testing manually. The article does not correct the earlier information but leaves it as potentially valid.
I think you should make clear in the beginning that testing is enabled by default, and unless they changed it themselves, it has to be assumed to be enabled. With the false information spread already through many channels, I assume some people stop reading after the first section.
I just triggered Justin [1] but I am not sure if he is available at the moment. It would be cool if someone with privileges adjusts the article's first section.
[1] https://discussion.fedoraproject.org/t/attention-malicious-code-in-current-p...