Jakub Jirutka on Nostr: xz 5.6.0 and 5.6.1 source tarballs are backdoored. Investigation found that no ...
xz 5.6.0 and 5.6.1 source tarballs are backdoored. Investigation found that no #alpinelinux xz binary is affected.
- stable branches uses xz 5.4 or older
- edge uses unaffected tarball
- the backdoor doesn't work with musl
https://www.openwall.com/lists/oss-security/2024/03/29/4
- stable branches uses xz 5.4 or older
- edge uses unaffected tarball
- the backdoor doesn't work with musl
https://www.openwall.com/lists/oss-security/2024/03/29/4