Chimera Linux on Nostr: a major xz/liblzma backdoor was revealed today: ...
a major xz/liblzma backdoor was revealed today: https://www.openwall.com/lists/oss-security/2024/03/29/4
the positive part is that we are not affected (several compile-time preconditions are not met for the backdoor to even get compiled in, such as gcc compiler, gnu linker, ifunc support, linux-gnu triple) and neither is our infrastructure (there are a couple debian servers, still on xz 5.4)
that said, everyone check their systems (whatever they are) and stay safe :)
the positive part is that we are not affected (several compile-time preconditions are not met for the backdoor to even get compiled in, such as gcc compiler, gnu linker, ifunc support, linux-gnu triple) and neither is our infrastructure (there are a couple debian servers, still on xz 5.4)
that said, everyone check their systems (whatever they are) and stay safe :)