Atemu@lemmy.ml to Linux@lemmy.ml · 8 months agobackdoor in upstream xz/liblzma leading to ssh server compromisewww.openwall.comexternal-linkmessage-square99fedilinkarrow-up1528arrow-down15
arrow-up1523arrow-down1external-linkbackdoor in upstream xz/liblzma leading to ssh server compromisewww.openwall.comAtemu@lemmy.ml to Linux@lemmy.ml · 8 months agomessage-square99fedilink
minus-squarefriend_of_satan@lemmy.worldlinkfedilinkEnglisharrow-up17arrow-down3·8 months agoThe back door is not in the source code though, so it’s not reproducible from source.
minus-squareStatic_Rocket@lemmy.worldlinkfedilinkEnglisharrow-up12·edit-28 months agoPart of the payload was in the tarball. There was still a malicious shim in the upstream repo
The back door is not in the source code though, so it’s not reproducible from source.
Part of the payload was in the tarball. There was still a malicious shim in the upstream repo