Probably not necessary for me to say this, but I would strongly discourage everyone from touching that binary until we know the true picture. Infosec people on Twitter are completely baffled at the moment, but last I saw based on a few bits of evidence they seem to be erring towards the idea that it's a case of account being compromised, including the signing keys. Until a proper announcement has been made there is no cause for concern.
"Edward Ned Harvey (lopser)" <[email protected]> wrote: >_______________________________________________ >Tech mailing list >[email protected] >https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech >This list provided by the League of Professional System Administrators > http://lopsa.org/
_______________________________________________ Tech mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
