You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2024-03-30 13:25:55
- Ron
- Member
- Registered: 2018-04-22
- Posts: 479
Malware found in xz
So a developer of XZ for Debian has put malware in it. From what I understand it only affects those who are using testing or the unstable branch. Look to see if you are using versions 5.5.1alpha-0.1 (uploaded on 2024-02-01), up to and including 5.6.1-1. I'm on version 5.4.1, so I'm good.
Links about this:
https://lists.debian.org/debian-securit … 00057.html
https://www.openwall.com/lists/oss-secu … 24/03/29/4
Offline
#2 2024-03-30 19:23:43
- Ron
- Member
- Registered: 2018-04-22
- Posts: 479
Re: Malware found in xz
From the link below:
Specifically, the nefarious code baked into the code is designed to interfere with the sshd daemon process for SSH (Secure Shell) via the systemd software suite,
So does this mean that Devuan and others based on Devuan would be immune from this malware, even if it is installed?
Forgot to put the link. Here it is: https://thehackernews.com/2024/03/urgen … in-xz.html
Last edited by Ron (2024-03-30 19:24:24)
Offline
#3 2024-04-28 22:22:35
- greenjeans
- Member
- Registered: 2017-04-07
- Posts: 506
- Website
Re: Malware found in xz
Thanks for that, checked mine and it's 5.4.1 as well.
https://sourceforge.net/projects/vuu-do/
Vuu-do GNU/Linux, minimal Devuan-based openbox systems to build on, maximal versions if you prefer your linux fully-loaded.
Please donate to support Devuan and init freedom! https://devuan.org/os/donate
Offline
Pages: 1
