I can think of one vaguely-related event, the mICQ obfuscated code flap: <http://lists.debian.org/debian-devel/2003/02/msg00771.html>. But that wasn't a backdoor, it was program-author-inserted obfuscated code that detected an attempt to build a Debian package and keeled over if the person running the program was not the Debian package maintainer... but it was an instance of acting in bad faith, and that's rare enough in the free software world that it's noteworthy.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds