id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
5471	xz-5.6.2	Xi Ruoyao	lfs-book	"https://www.openwall.com/lists/oss-security/2024/03/29/4

Though the injected malicious code is inactive for LFS (because we're not building RPM or DEB; see the ""Affected Systems"" section of the oss-security post), the gentleman introduced the code has made many commits to xz and we are not sure how many of them are malicious as well."	enhancement	closed	normal	12.2	Book	git	normal	fixed