💭 Arch Linux - News: The xz package has been backdoored

Waylon Walker Author

April 16, 2024 1 min read

Arch Linux - News: The xz package has been backdoored

archlinux.org

Check your system to see if you are vulnerable to the xz backdoor.

I found this line most pertanent to me.

The xz packages prior to version 5.6.1-2 (specifically 5.6.0-1 and 5.6.1-1) contain this backdoor.

Also it appears that arch is not vulnerable as it does not directly link openssh to liblzma, so the known attack vecotor is not possible. read to the end of the linked article for more.

Note

This post is a thought. It’s a short note that I make about someone else’s content online #thoughts

`j`	Scroll down
`k`	Scroll up
`g` `g`	Scroll to top
`Shift` `G`	Scroll to bottom
`d`	Half-page down
`u`	Half-page up

`j` / `↓`	Next post (in feeds)
`k` / `↑`	Previous post (in feeds)
`Enter` / `o`	Open highlighted post
`Shift` `O`	Open in new tab
`g` `h`	Go to home
`g` `s`	Focus search
`[`	Previous page
`]`	Next page
`s`	Toggle simple/rich feed view

`/`	Focus search input
`⌘CtrlK`	Focus search (alternative)
`y` `y`	Copy URL to clipboard
`?`	Show this help
`Esc`	Close / clear highlight

Connections

Share this post