>>>>> On Wed, 29 May 2024, Sam James wrote: > # Sam James <s...@gentoo.org> (2024-05-29) > # OpenPGP key of malicious xz co-maintainer. This key is no longer used > # by any ebuilds in tree. Removal on 2024-06-29. > # Bug #928134. > sec-keys/openpgp-keys-jiatan
Just out of interest, by what chain of trust was this key added, in the first place? Ulrich
signature.asc
Description: PGP signature
