Emily! :Blobhaj_Witch_Broom: on Nostr: PSA: Backdoor in latest version of xz: ...
PSA: Backdoor in latest version of xz: https://openwall.com/lists/oss-security/2024/03/29/4
Downgrade if you’re running one of the latest xz versions, it has been compromised. If you’re using mainstream distros, you may be fine (as they lag with versions a bit behind master). If you’re running Alpine or any other non-gnu or non-systemd distro, you should be fine too (the exploit checks for GNU, and also probably won’t work with distro-unpatched sshd)
Downgrade if you’re running one of the latest xz versions, it has been compromised. If you’re using mainstream distros, you may be fine (as they lag with versions a bit behind master). If you’re running Alpine or any other non-gnu or non-systemd distro, you should be fine too (the exploit checks for GNU, and also probably won’t work with distro-unpatched sshd)