wrote in to
send us a link to a CERT advisory explaining that the sources
to TCP wrappers were actually replaced
with a nice new and improved version. Complete with a trojan.
It was caught fairly quickly after it was uploaded, but it's
still kinda scary. Update: 01/22 01:07
Several people sent the Bugtraq post
over at Linux Today. A lot more details clarifying the situation.