076萌SNS
  • Login

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. nixCraft 🐧 (nixcraft@mastodon.social)'s status on Saturday, 30-Mar-2024 02:51:27 JST nixCraft 🐧 nixCraft 🐧

    Backdoor in upstream xz/liblzma leading to ssh server compromise https://www.openwall.com/lists/oss-security/2024/03/29/4 #unix #linux #openssh #infosec #security

    In conversation about 8 months ago from mastodon.social permalink

    Attachments

    1. oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise
    • nixCraft 🐧 (nixcraft@mastodon.social)'s status on Saturday, 30-Mar-2024 02:58:03 JST nixCraft 🐧 nixCraft 🐧
      in reply to
      • yianiris

      @yianiris hard to say. but openwall pages says: "openssh does not directly use liblzma. However debian and several other
      distributions patch openssh to support systemd notification, and libsystemd does depend on lzma." I guess we need to wait and see more info.

      In conversation about 8 months ago permalink
    • yianiris (yianiris@kafeneio.social)'s status on Saturday, 30-Mar-2024 02:58:04 JST yianiris yianiris
      in reply to

      Does this mean that if you are NOT using systemd you have nothing to worry about?

      Introduction:

      https://www.phoronix.com/news/XZ-CVE-2024-3094

      Specifics:
      https://www.openwall.com/lists/oss-security/2024/03/29/4

      @nixCraft

      In conversation about 8 months ago permalink

      Attachments


Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

076萌SNS is a social network, courtesy of 076. It runs on GNU social, version 2.0.2-beta0, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All 076萌SNS content and data are available under the Creative Commons Attribution 3.0 license.