OSNews on Nostr: Backdoor in upstream xz/liblzma leading to SSH server compromise After observing a ...
Backdoor in upstream xz/liblzma leading to SSH server compromise
After observing a few odd symptoms around liblzma (part of the xz package) on Debian sid installations over the last weeks (logins with ssh taking a lot of CPU, valgrind errors) I figured out the answer:
The upstream xz repository and the xz tarballs have been backdoored.
At first I thought thi
https://www.osnews.com/story/139064/backdoor-in-upstream-xz-liblzma-leading-to-ssh-server-compromise/
#PrivacySecurity
After observing a few odd symptoms around liblzma (part of the xz package) on Debian sid installations over the last weeks (logins with ssh taking a lot of CPU, valgrind errors) I figured out the answer:
The upstream xz repository and the xz tarballs have been backdoored.
At first I thought thi
https://www.osnews.com/story/139064/backdoor-in-upstream-xz-liblzma-leading-to-ssh-server-compromise/
#PrivacySecurity