All Linux users, check your XZ library. You might be infected.
All Linux users, check your XZ library. You might be infected.
Critical Backdoor Found in xz Data Compression Tool
![Urgent Alert: Stealthy Backdoor Discovered in XZ Compression Utilities - Cyber Kendra](https://hexbear.net/pictrs/image/2ca149ea-306f-451c-b5d1-d3c1d858062e.jpeg?format=webp&thumbnail=256)
If you're running version 5.6.0 or 5.6.1, downgrade immediately.
You're viewing a single thread.
Do not run
xz --version
. Instead check the version in your package manager.23 0 Replydebian/ubuntu based distros: apt show xz-utils or dpkg -l | grep xz redhat/fedora-based: yum info xz dnf info xz arch-based: pacman -Qi xz
EDIT: correction as suggested below
14 0 ReplyOn my machine the package name is slightly different:
apt show xz-utils
3 0 Reply5.4.1, my habit of putting off updates pays off again
2 0 Reply
Why is that? I know the latter gives you more info, but it's still the same thing isn't it?
6 0 ReplyBecause you are running the affected software. It's a bad idea to run something if we are aware that it contains or relies on malicious code.
20 0 ReplyOmg obviously. Can't believe I didn't realize that. Thanks for the answer.
15 0 Reply