Path: ...!news.nobody.at!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: cr0c0d1le <cr0c0d1le.ewlkg@8shield.net>
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: Tue, 2 Apr 2024 18:30:19 -0400
Organization: A noiseless patient Spider
Lines: 13
Message-ID: <uui0tr$3fb8j$1@dont-email.me>
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
 <uuc40a$22uoo$1@solani.org> <uuehj4$2htpk$2@dont-email.me>
 <uues7i$o69$2@solani.org> <uuev29$2l6ri$2@dont-email.me>
 <uuevej$o69$5@solani.org> <uuf07o$2lfi5$1@dont-email.me>
 <uufl9v$2q81c$2@dont-email.me> <uuh7na$39e6r$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 02 Apr 2024 22:30:19 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="787ff289b89635e78f0bd63873e32381";
	logging-data="3648787"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX19pwgghETD6WatrQFAy0muUfiRaHCN0PDE="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:xKhcdnlkdZEgHzQGr3QreJRG0Sw=
Content-Language: en-US
In-Reply-To: <uuh7na$39e6r$1@dont-email.me>
Bytes: 1899

On 2024-04-02 11:20, candycanearter07 wrote:
> Lawrence D'Oliveiro <ldo@nz.invalid> wrote at 00:59 this Tuesday (GMT):
>> On Mon, 1 Apr 2024 19:00:08 -0000 (UTC), candycanearter07 wrote:
>>
>>> Weird, probably means it's not installed..
>>
>> Just a note: it typically resides in /usr/sbin/ssh. While /usr/sbin is
>> usually part of the $PATH for root, it is not for a nonprivileged user.
> 
> 
> Weird, it's in the PATH for my acct.
My version of xz installed via homebrew was vulnerable :S I thought the 
vulnerability only affected Linux, but macOS is also affected by it.