You are not logged in.
Pages: 1
So a developer of XZ for Debian has put malware in it. From what I understand it only affects those who are using testing or the unstable branch. Look to see if you are using versions 5.5.1alpha-0.1 (uploaded on 2024-02-01), up to and including 5.6.1-1. I'm on version 5.4.1, so I'm good.
Links about this:
https://lists.debian.org/debian-securit … 00057.html
https://www.openwall.com/lists/oss-secu … 24/03/29/4
Offline
From the link below:
Specifically, the nefarious code baked into the code is designed to interfere with the sshd daemon process for SSH (Secure Shell) via the systemd software suite,
So does this mean that Devuan and others based on Devuan would be immune from this malware, even if it is installed?
Forgot to put the link. Here it is: https://thehackernews.com/2024/03/urgen … in-xz.html
Last edited by Ron (2024-03-30 19:24:24)
Offline
Thanks for that, checked mine and it's 5.4.1 as well.
https://sourceforge.net/projects/vuu-do/ New 1.09 isos uploaded 11/27/2024
Vuu-do GNU/Linux, minimal Devuan-based openbox systems to build on, maximal versions if you prefer your linux fully-loaded.
New Devuan-mate-mini isos too!
Please donate to support Devuan and init freedom! https://devuan.org/os/donate
Offline
Pages: 1