Deutsch English Français Italiano |
<uujpo9$3vqgf$1@dont-email.me> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!weretis.net!feeder8.news.weretis.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: candycanearter07 <candycanearter07@candycanearter07.nomail.afraid> Newsgroups: comp.os.linux.advocacy Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor Date: Wed, 3 Apr 2024 14:40:09 -0000 (UTC) Organization: the-candyden-of-code Lines: 34 Message-ID: <uujpo9$3vqgf$1@dont-email.me> References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com> <uui9fo$2kuk$1@solani.org> Injection-Date: Wed, 03 Apr 2024 14:40:10 +0200 (CEST) Injection-Info: dont-email.me; posting-host="fca4c9a33a08cd1b7b52a816531dfcb1"; logging-data="4188687"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/TQ/Motigur00LMiqERud19rVj2EAqlDPJfEjurCjaNA==" User-Agent: slrn/pre1.0.4-9 (Linux) Cancel-Lock: sha1:xtSdJxpdb7zVCWnyKMf/5aNSro0= X-Face: b{dPmN&%4|lEo,wUO\"KLEOu5N_br(N2Yuc5/qcR5i>9-!^e\.Tw9?/m0}/~:UOM:Zf]% b+ V4R8q|QiU/R8\|G\WpC`-s?=)\fbtNc&=/a3a)r7xbRI]Vl)r<%PTriJ3pGpl_/B6!8pe\btzx `~R! r3.0#lHRE+^Gro0[cjsban'vZ#j7,?I/tHk{s=TFJ:H?~=]`O*~3ZX`qik`b:.gVIc-[$t/e ZrQsWJ >|l^I_[pbsIqwoz.WGA]<D Bytes: 2462 Physfitfreak <physfitfreak@gmail.com> wrote at 00:56 this Wednesday (GMT): > On 3/31/24 08:01, Farley Flud wrote: >> Run this command to check if liblzma is linked to ssh: >> >> ldd "$(command -v sshd)" >> >> For example, on Gentoo (the best distro) I get: >> >> linux-vdso.so.1 (0x00007ffff7fcb000) >> libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000) >> libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000) >> libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000) >> libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000) >> /lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000) >> >> Nope. There ain't no linking to liblzma, thus Gentoo is NOT affected >> regardless of what version of xz-utils is installed. >> >> Systemd is ultimately responsible and more and more hackers will be >> looking for more and better ways of exploiting that 3 million loc >> pile of junk. >> >> Don't say we didn't tell you so. >> >> To save your systems, downgrade xz-utils AND eliminate systemd. >> >> > > What version of xz-utils is vulnerable? 5.6.0 and 5.6.1 -- user <candycane> is generated from /dev/urandom