Just don't package it. And if you have to, sandbox it in Firejail or in Bubblewrap. Or just make Snap out of it.
Linux
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
My $0.05 reading of it is that they want to hose down the build servers* and start clean, in case if the attacker escaped the sandboxing there.
* (the computers that compile all of the new packages from source, not web servers that are handing out finished deb binaries to the public.)
They dont run experimental software on their build servers.
They're rebuilding all the newer builds "out of an abundance of caution." The servers themselves obviously don't run on experimental software.
This.
That would make sense if they ran servers on non-LTS release. Do they do that?