• Jonah@lemmy.ml
    link
    fedilink
    arrow-up
    7
    ·
    3 years ago

    Compared to what a fully malicious group could have done, this is quite benign. They published the list of email addresses that they used to make the commits and announced what they’d done. They also weren’t trying to introduce any actual vulnerabilities. Even though I don’t agree with the way they did it (especially not telling anyone first), hopefully the fact that they managed to do this will act as a wake up call for the Linux kernel (and other open source projects).

    • nutomic@lemmy.ml
      link
      fedilink
      arrow-up
      6
      ·
      3 years ago

      Based on what I read, they tries to introduce vulnerabilities, but the code was accidentally correct. Which is quite funny.