mox@lemmy.sdf.org to

Selfhosted@lemmy.worldEnglish · 8 months ago

Backdoor in upstream xz/liblzma leading to ssh server compromise

www.openwall.com

9

156

Backdoor in upstream xz/liblzma leading to ssh server compromise

www.openwall.com

mox@lemmy.sdf.org to

Selfhosted@lemmy.worldEnglish · 8 months ago

9

Related discussion:

https://news.ycombinator.com/item?id=39865810

Advisories:

CVE-2024-3094
Arch
Debian
openSUSE
Red Hat

Chat

vext01@lemmy.sdf.org
link
fedilink
English
arrow-up
6·
8 months ago
In case, like me, you were wondering what this has to do with ssh:

openssh does not directly use liblzma. However debian and several other distributions patch openssh to support systemd notification, and libsystemd does depend on lzma.

Selfhosted@lemmy.world

selfhosted@lemmy.world

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

1.5K users / day
3.19K users / week
5.72K users / month
12.5K users / 6 months
2 local subscribers
40.2K subscribers
3.09K Posts
62.7K Comments
Modlog