• c10l@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    8 months ago

    They mention versions from 5.5.1 are affected.

    Everywhere else I’ve read only 5.6.0 and 5.6.1 are.

    Is this an abundance of caution by the Debian security team, or is Debian’s earlier version affected due to patching done by the package maintainers?

    • lemmyreader@lemmy.mlOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      8 months ago

      Good question. Maybe it has to do with the fact that the backdoor contributor was on the xz project for about two years.