Red Hat warns of backdoor in XZ tools used by most Linux distros (CVE-2024-3094)
by chud - Friday March 29, 2024 at 08:13 PM
#1
The upstream xz repository and the xz tarballs have been backdoored.

Sources:
https://www.bleepingcomputer.com/news/se...x-distros/
https://www.openwall.com/lists/oss-secur...24/03/29/4
https://archlinux.org/news/the-xz-packag...ackdoored/
https://news.ycombinator.com/item?id=39865810
https://seclists.org/oss-sec/2024/q1/268
https://www.gamingonlinux.com/2024/03/xz...cal-issue/

liblzma and xz version 5.6.0 and 5.6.1 are vulnerable to arbitrary code execution. If you are running Debian sid, Fedora 41, Fedora Rawhide, openSUSE Tumbleweed, or openSUSE MicroOS, run updates now.
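A version check for the releases named in the first post, added here as an example and not part of the original thread. The function names and the result strings (`affected`, `not-listed`, `unknown`) are hypothetical; the only page-specific values are the versions 5.6.0 and 5.6.1.

```shell
#!/bin/sh
# Added example: flag the xz/liblzma releases the post names (5.6.0, 5.6.1).

# Extract version numbers from `xz --version`-style text on stdin.
# That output has two lines, e.g. "xz (XZ Utils) 5.6.1" and "liblzma 5.6.1".
# They can differ because the xz binary loads liblzma as a shared library,
# so both lines are checked.
xz_versions() {
    sed -n -E 's/^(xz \(XZ Utils\)|liblzma) ([0-9]+\.[0-9]+\.[0-9]+).*$/\2/p'
}

# Return 0 if the version is one of the two the post lists as vulnerable.
is_backdoored_version() {
    case "$1" in
        5.6.0|5.6.1) return 0 ;;
        *) return 1 ;;
    esac
}

# Classify version text on stdin.
#   affected   - the xz or the liblzma line reports 5.6.0 or 5.6.1
#   not-listed - versions were parsed and none is 5.6.0 or 5.6.1
#   unknown    - no version could be parsed (treat as "check by hand")
check_xz_output() {
    found=0
    status="not-listed"
    for v in $(xz_versions); do
        found=1
        if is_backdoored_version "$v"; then
            status="affected"
        fi
    done
    [ "$found" -eq 1 ] || status="unknown"
    printf '%s\n' "$status"
}

# Check the locally installed xz, if there is one on PATH.
if command -v xz >/dev/null 2>&1; then
    echo "installed xz: $(xz --version 2>/dev/null | check_xz_output)"
fi
```

A `not-listed` result only means the reported version is not 5.6.0 or 5.6.1; applying the distribution's update is still the fix the post calls for.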
#2
One has to wonder if a similar event has happened before.....
#3
All the time. Look up the famous acid bitches backdoor for a good example.
#4
The real question is why do we allow binary files in tests today that are not built in the testing phase.