[tor-relays] User advisory to check for xz-utils backdoor
lists at for-privacy.net
lists at for-privacy.net
Tue Apr 2 10:43:43 UTC 2024
On Freitag, 29. März 2024 19:39:05 CEST pasture_clubbed242--- via tor-relays
wrote:
>
> The near-universally used 'xz' compression library has been found to contain
> a backdoor in certain code branches. This backdoor has made it into some
> systems such as Debian Sid.
>
> Details regarding this backdoor are available here.
> https://www.openwall.com/lists/oss-security/2024/03/29/4
Pretty unlikely that anyone uses testing or sid for productive servers.
--
╰_╯ Ciao Marco!
Debian GNU/Linux
It's free software and it gives you freedom!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 3872 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20240402/796767ce/attachment.sig>
More information about the tor-relays
mailing list