JWF edit: More about this now on the Fedora Magazine: (correction to the Fedora Magazine article: testing updates are not opt in in F40 but enabled by default because it is a pre-release; see update 2 below) The xz package that has already entered the current F40 pre-release versions/variants and rawhide contains malicious code. This does NOT affect users of the Fedora releases (F38, F39 are thus not affected), but all users who use already F40 pre-release versions/variants or rawhide shal...
Well, there’s also malicious code in the proprietary binary blobs of the drivers and those run with kernel privilege.
At least that one we see what it does.
Well, there’s also malicious code in the proprietary binary blobs of the drivers and those run with kernel privilege. At least that one we see what it does.