Meanwhile, #Debian is considering rolling #xz back not only to the point before the backdoor was added, but to where the person who _wrote_ the backdoor hadn't contributed any code to xz yet.

Which means considering creating patches to fix ABI breakage such a rollback would cause.

bugs.debian.org/cgi-bin/bugrep

For all the trash talk Debian gets for being "pedantic" and slow to change: They put in the _work_ to do things _right_. I respect that.

via hachyderm.io/@joeyh/1121815129

(Edit: English is hard.)