Comment Re: Resourcing (Score 3, Insightful) 42
It has been mentioned that the maintainer was struggling to cope with processing requests, hence he appointed a helper as co-maintainer - some random guy on the internet he had never met in person with a random email address.
Had the project been managed by, say, Red Hat then any last minute pull request - particularly something that interfaces ssh with systemd I would expect to be better scrutinized. That's not to say that a hostile actor couldn't become an employee a big vendor but you'd have a consistent process across multiple libraries.