Atemu@lemmy.ml to Linux@lemmy.ml · 8 months agobackdoor in upstream xz/liblzma leading to ssh server compromisewww.openwall.comexternal-linkmessage-square90fedilinkarrow-up12arrow-down10cross-posted to: selfhosted@lemmy.worldprogramming@programming.devcybersecurity@sh.itjust.works
arrow-up12arrow-down1external-linkbackdoor in upstream xz/liblzma leading to ssh server compromisewww.openwall.comAtemu@lemmy.ml to Linux@lemmy.ml · 8 months agomessage-square90fedilinkcross-posted to: selfhosted@lemmy.worldprogramming@programming.devcybersecurity@sh.itjust.works
minus-squarekbal@fedia.iolinkfedilinkarrow-up0·8 months agoThe average user? Nothing. Mostly it just affects those who get the newest versions of everything.
minus-squareflying_sheep@lemmy.mllinkfedilinkarrow-up0·8 months agoIn this case I think that’s just Fedora and Debian Sid users or so. The backdoor only activates during DEB or RPM builds, and was quickly discovered so only rolling release distros using either package format were affected.
The average user? Nothing. Mostly it just affects those who get the newest versions of everything.
In this case I think that’s just Fedora and Debian Sid users or so.
The backdoor only activates during DEB or RPM builds, and was quickly discovered so only rolling release distros using either package format were affected.