Atemu@lemmy.ml to Linux@lemmy.ml · 7 months agobackdoor in upstream xz/liblzma leading to ssh server compromisewww.openwall.comexternal-linkmessage-square87fedilinkarrow-up1524arrow-down15cross-posted to: opensource@lemmit.onlinetechnologie@jlai.lunetsec@links.hackliberty.orglinux_gaming@lemmit.onlineselfhosted@lemmy.worldlinux@lemmy.worldnetsec@lemmy.worldprogramming@programming.devsaugumas@group.ltcybersecurity@sh.itjust.works
arrow-up1519arrow-down1external-linkbackdoor in upstream xz/liblzma leading to ssh server compromisewww.openwall.comAtemu@lemmy.ml to Linux@lemmy.ml · 7 months agomessage-square87fedilinkcross-posted to: opensource@lemmit.onlinetechnologie@jlai.lunetsec@links.hackliberty.orglinux_gaming@lemmit.onlineselfhosted@lemmy.worldlinux@lemmy.worldnetsec@lemmy.worldprogramming@programming.devsaugumas@group.ltcybersecurity@sh.itjust.works
minus-squareprogandy@feddit.delinkfedilinkarrow-up5arrow-down2·edit-27 months agoI think that was a precaution. The malicious build script ran during the build, but the backdoor itself was most likely not included in the resuling package as it checked for specific packaging systems. https://www.openwall.com/lists/oss-security/2024/03/29/22
I think that was a precaution. The malicious build script ran during the build, but the backdoor itself was most likely not included in the resuling package as it checked for specific packaging systems.
https://www.openwall.com/lists/oss-security/2024/03/29/22