Hi Andy > Sent: Monday, February 14, 2022 at 9:05 PM > From: "Andy Smith" <a...@strugglers.net> > To: debian-user@lists.debian.org > Subject: Re: You know what? Not only Debian but Fedora 35 has libthai > too....and more > > > systemd and all of Fedora is open source. While it's certainly not > impossible to actively embed back doors in open source software, > it's not a very good place to do so because it could be found by > anyone at any time and then would need to be explained. > Below were some decade-old bugs (but now fixed) that had been "hiding" in plain sight:
CVE-2016-5195 (Dirty COW) CVE-2014-0160 (Heartbleed) CVE-2016-8655 CVE-2017-6074 CVE-2021-3156 (Baron_Samedit) Best regards. Stella
