<![CDATA[Dev1 Galaxy Forum / Malware found in xz]]> http://dev1galaxy.org/viewtopic.php?id=6530 Sun, 28 Apr 2024 22:22:35 +0000 FluxBB <![CDATA[Re: Malware found in xz]]> http://dev1galaxy.org/viewtopic.php?pid=49742#p49742 Thanks for that, checked mine and it's 5.4.1 as well.

]]> Sun, 28 Apr 2024 22:22:35 +0000 http://dev1galaxy.org/viewtopic.php?pid=49742#p49742 <![CDATA[Re: Malware found in xz]]> http://dev1galaxy.org/viewtopic.php?pid=49296#p49296 From the link below:

Specifically, the nefarious code baked into the code is designed to interfere with the sshd daemon process for SSH (Secure Shell) via the systemd software suite,

So does this mean that Devuan and others based on Devuan would be immune from this malware, even if it is installed?

Forgot to put the link. Here it is: https://thehackernews.com/2024/03/urgen … in-xz.html

]]> Sat, 30 Mar 2024 19:23:43 +0000 http://dev1galaxy.org/viewtopic.php?pid=49296#p49296 <![CDATA[Malware found in xz]]> http://dev1galaxy.org/viewtopic.php?pid=49283#p49283 So a developer of XZ for Debian has put malware in it. From what I understand it only affects those who are using testing or the unstable branch. Look to see if you are using versions 5.5.1alpha-0.1 (uploaded on 2024-02-01), up to and including 5.6.1-1. I'm on version 5.4.1, so I'm good.

Links about this:

https://lists.debian.org/debian-securit … 00057.html
https://www.openwall.com/lists/oss-secu … 24/03/29/4

]]> Sat, 30 Mar 2024 13:25:55 +0000 http://dev1galaxy.org/viewtopic.php?pid=49283#p49283