• @[email protected]
    link
    fedilink
    English
    149 months ago

    The back door is not in the source code though, so it’s not reproducible from source.

    • @[email protected]
      link
      fedilink
      English
      12
      edit-2
      9 months ago

      Part of the payload was in the tarball. There was still a malicious shim in the upstream repo