FWIW, i found out about this first from the FSF tech team - they pinged me this morning to ask me to check if parabola had a vulnerable build - the arch announcement came several hours later; though the arch maintainer had addressed the issue about 12 hours earlier
the warning is only to err on the safe side - as far as anyone knows, arch and parabola never distributed this exploit in binary form - arch did distribute it in source form and that was the main reason for the rebuild last night; but even those sources were harmless unless compiled on a debian or RPM system _______________________________________________ Dev mailing list [email protected] https://lists.parabola.nu/mailman/listinfo/dev
