serious backdoor impacts major linux distros (Fedora, Kali, openSUSE, Debian)
serious backdoor impacts major linux distros (Fedora, Kali, openSUSE, Debian)
Urgent: serious backdoor impacts major linux distros Fedora, Kali, openSUSE, Debian
DegenRocket has summarized the info & given you a simple command to check if your Linux machine is vulnerable:
Permanently Deleted
7 1 Reply+1, stable Debian FTW!
2 0 ReplyThis particular backdoor as far as anyone knows only affects Debian and derivatives and fedora. Arch ftw.
1 0 Replyyeah bro arch ftw... but you better update your rolling thing asap
3 0 ReplyActually, I had read that Arch is affected, and current advice was to update
https://archlinux.org/news/the-xz-package-has-been-backdoored/
You'll probably want to move up to 5.6.1-2 out of an abundance of caution, as recommended here https://security.archlinux.org/CVE-2024-3094
2 0 Reply
so you should check if you're running xz version 5.6.0 or 5.6.1
xz -V
1 0 ReplyI read somewhere that you should avoid starting xz if you don't have to and therefore should use, for example,
apt-show-versions xz
(Though this has been two days ago and might not be relevant anymore, am not a dev).
4 0 Reply