| Deutsch English Français Italiano |
|
<uujpo9$3vqgf$1@dont-email.me> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!weretis.net!feeder8.news.weretis.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: candycanearter07 <candycanearter07@candycanearter07.nomail.afraid>
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: Wed, 3 Apr 2024 14:40:09 -0000 (UTC)
Organization: the-candyden-of-code
Lines: 34
Message-ID: <uujpo9$3vqgf$1@dont-email.me>
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
<uui9fo$2kuk$1@solani.org>
Injection-Date: Wed, 03 Apr 2024 14:40:10 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="fca4c9a33a08cd1b7b52a816531dfcb1";
logging-data="4188687"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/TQ/Motigur00LMiqERud19rVj2EAqlDPJfEjurCjaNA=="
User-Agent: slrn/pre1.0.4-9 (Linux)
Cancel-Lock: sha1:xtSdJxpdb7zVCWnyKMf/5aNSro0=
X-Face: b{dPmN&%4|lEo,wUO\"KLEOu5N_br(N2Yuc5/qcR5i>9-!^e\.Tw9?/m0}/~:UOM:Zf]%
b+ V4R8q|QiU/R8\|G\WpC`-s?=)\fbtNc&=/a3a)r7xbRI]Vl)r<%PTriJ3pGpl_/B6!8pe\btzx
`~R! r3.0#lHRE+^Gro0[cjsban'vZ#j7,?I/tHk{s=TFJ:H?~=]`O*~3ZX`qik`b:.gVIc-[$t/e
ZrQsWJ >|l^I_[pbsIqwoz.WGA]<D
Bytes: 2462
Physfitfreak <physfitfreak@gmail.com> wrote at 00:56 this Wednesday (GMT):
> On 3/31/24 08:01, Farley Flud wrote:
>> Run this command to check if liblzma is linked to ssh:
>>
>> ldd "$(command -v sshd)"
>>
>> For example, on Gentoo (the best distro) I get:
>>
>> linux-vdso.so.1 (0x00007ffff7fcb000)
>> libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
>> libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
>> libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
>> libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
>> /lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)
>>
>> Nope. There ain't no linking to liblzma, thus Gentoo is NOT affected
>> regardless of what version of xz-utils is installed.
>>
>> Systemd is ultimately responsible and more and more hackers will be
>> looking for more and better ways of exploiting that 3 million loc
>> pile of junk.
>>
>> Don't say we didn't tell you so.
>>
>> To save your systems, downgrade xz-utils AND eliminate systemd.
>>
>>
>
> What version of xz-utils is vulnerable?
5.6.0 and 5.6.1
--
user <candycane> is generated from /dev/urandom