Hacker News new | past | comments | ask | show | jobs | submit login

> If you're not on a rolling release distro, your version is probably older.

Ironic considering security is often advertised as a feature of rolling release distros. I suppose in most instances it does provide better security, but there are some advantages to Debian's approach (stable Debian, that is).




>Ironic considering security is often advertised as a feature of rolling release distros.

Security is a feature of rolling release. But supply-chain attacks like this are the exception to the rule.


Isn't that what security-updates-only is for?

This particular backdoor is not shipped inside of a security patch, right?


i mean, rolling implies rolling 0-days, too.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: