I will briefly add a few links where the issue is further debated for those who are interested: https://boehs.org/node/everything-i-know-about-the-xz-backdoor https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27
> 30. 3. 2024 v 11:33, Peter N. M. Hansteen <pe...@bsdly.net>: > > While this issue does not in fact affect OpenBSD, I think it will still be > of interest to OpenBSD users -- a lot of us deal with Linux in our dayjobs, > after all. > > This is one of the best explanations of the matter I have seen so far: > https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor > > and it leads in with a quote to remember - > > "This dependency existed not because of a deliberate design decision > by the developers of OpenSSH, but because of a kludge added by some > Linux distributions to integrate the tool with the operating > system’s newfangled orchestration service, systemd." > > Enjoy! > > > -- > Peter N. M. Hansteen, member of the first RFC 1149 implementation team > https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/ > "Remember to set the evil bit on all malicious network traffic" > delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds. >
