Name of the Vulnerable Software and Affected Versions leetlog versions 0.1.2 through 0.1.3

Description The issue concerns malicious code in the affected versions of leetlog, which adds an arbitrary hardcoded SSH key identified as hacker@evilmachine to the system's authorized keys. This indicates a potential compromise of the system.

Recommendations For versions 0.1.2 and 0.1.3, remove the leetlog package, but be aware that this may not remove all malicious software resulting from its installation. Consider any computer with this package installed or running as fully compromised and rotate all secrets and keys stored on it immediately from a different computer.