I'm doing my best to make my coverage of the xz backdoor accessible to laypeople while also providing the technical details engineers need. I'm also updating as new info becomes available. I hope it's helpful.

https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/

What we know about the xz Utils backdoor that almost infected the world

Malicious updates made to a ubiquitous tool were a few weeks away from going mainstream.

Ars Technica

@dangoodin
I think there needs to be more work amongst Linux distros and other libre software projects to identify libraries and other software that are critical (lots of things use xz) but need funding, as I suspect a lack of funding for the developer is at least partially responsible for setting the stage for the events that transpired.

#xz #floss