mox@lemmy.sdf.org to Selfhosted@lemmy.worldEnglish · edit-28 months agoBackdoor in upstream xz/liblzma leading to ssh server compromisewww.openwall.comexternal-linkmessage-square9fedilinkarrow-up1159arrow-down13file-textcross-posted to: programming@programming.devsecurity@lemmy.ml
arrow-up1156arrow-down1external-linkBackdoor in upstream xz/liblzma leading to ssh server compromisewww.openwall.commox@lemmy.sdf.org to Selfhosted@lemmy.worldEnglish · edit-28 months agomessage-square9fedilinkfile-textcross-posted to: programming@programming.devsecurity@lemmy.ml
Related discussion: https://news.ycombinator.com/item?id=39865810 Advisories: CVE-2024-3094 Arch Debian openSUSE Red Hat
minus-squareMoonrise2473@feddit.itlinkfedilinkEnglisharrow-up3·8 months agoWow And for a state sponsored attacker is cheaper to bribe (or threaten to kill, even cheaper) the single developer to add a backdoor than all the research to find a zero day
Wow
And for a state sponsored attacker is cheaper to bribe (or threaten to kill, even cheaper) the single developer to add a backdoor than all the research to find a zero day