ndr on Nostr: I'm not fully agree with that. You said: ~~~ What you need to know: - It only ...
I'm not fully agree with that. You said:
~~~
What you need to know:
- It only affected the binary releases, so if you build from source, you were safe from this one
~~~
The backdoored xz was from upstream github, and was ported to Debian and fedora by building from source ... Also the backdoor get added to binarys by compiling it from source, since the malware is offuscaded not at the source by it is at side files included during compiling
Then I understood that it will only trigger at x86_64 , also if vulnerable xz packages were included on macosx brew .. That run almost arm architecture
Published at
2024-03-31 09:04:55Event JSON
{
"id": "2fe47f180a14205f434840a4737c59569583378f1fdb1fba9fdd8d7bc5451b95",
"pubkey": "1ff1961c07e1494d0ed462643660142314b907826a701316307606e4b9ffe21c",
"created_at": 1711875895,
"kind": 1,
"tags": [
[
"e",
"10e3b4bc1674eb2e8d7e700a131ea95dbf18f61afa9b68107ad5209d325b5060",
"",
"root"
],
[
"p",
"d30ea98ea65e953f91ab93f6b30ea51eb33c506f87d49f600a139aef00aa9511"
]
],
"content": "I'm not fully agree with that. You said:\n\n~~~\nWhat you need to know:\n- It only affected the binary releases, so if you build from source, you were safe from this one\n~~~\n\nThe backdoored xz was from upstream github, and was ported to Debian and fedora by building from source ... Also the backdoor get added to binarys by compiling it from source, since the malware is offuscaded not at the source by it is at side files included during compiling \n\nThen I understood that it will only trigger at x86_64 , also if vulnerable xz packages were included on macosx brew .. That run almost arm architecture ",
"sig": "0cf0bee4437ded3f94577399920bfb4dc4b72f4300dd169647910f144f1809770fea9fcc687934db0dc5fb4b2531dcf33087a4ea52bc56654fe749b010607d2f"
}