How to quickly check if your #linux system may be affected by the recent XZ utils supply chain backdoor. Open your terminal, enter:
xz --version
bad: versions 5.6.0 or 5.6.1
ok: 5.4.6.
The malicious code could affect sshd authentification (CVE-2024-3094). Updates and downgrades for SuSE, Fedora, Kali and other distros are available.
Pop!_OS or Debian stable versions are not affected but it never hurts to double-check.
#XZ #liblzma #pop_os #debian #fedora
Chris š¾ /
npub12zā¦82arr
2024-03-30 08:23:01
Author Public Key
npub12z5595ec584xlc68er7vxr5a9zu46q7r85nhg7mrtptyek49ak6sw82arrPublished at
2024-03-30 08:23:01Event JSON
{
"id": "bc53c295297fca0689ed3cd1017a5194d6405ac487e655520ee21125d790658c",
"pubkey": "50a942d338a1ea6fe347c8fcc30e9d28b95d03c33d27747b6358564cdaa5edb5",
"created_at": 1711786981,
"kind": 1,
"tags": [
[
"t",
"xz"
],
[
"t",
"debian"
],
[
"t",
"fedora"
],
[
"t",
"linux"
],
[
"t",
"liblzma"
],
[
"t",
"pop_os"
],
[
"proxy",
"https://mstdn.games/users/chris/statuses/112183671593985958",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://mstdn.games/users/chris/statuses/112183671593985958",
"pink.momostr"
]
],
"content": "How to quickly check if your #linux system may be affected by the recent XZ utils supply chain backdoor. Open your terminal, enter:\n\nxz --version\n\nbad: versions 5.6.0 or 5.6.1\nok: 5.4.6.\n\nThe malicious code could affect sshd authentification (CVE-2024-3094). Updates and downgrades for SuSE, Fedora, Kali and other distros are available. \n\nPop!_OS or Debian stable versions are not affected but it never hurts to double-check.\n\n#XZ #liblzma #pop_os #debian #fedora",
"sig": "930fab49d87806c0e64de6c344d1e48db6e8d32765adeafa2fa118458b70e50bd85e7fde2f11cac95d07a9895674652d503ac50a99a9765ee04bf5c2ec7db731"
}