scy , 3 months ago to random Eek. Apparently liblzma (part of the xz package) has a backdoor in versions 5.6.0 and 5.6.1, causing SSH to be compromised. https://www.openwall.com/lists/oss-security/2024/03/29/4 This might even have been done on purpose by the upstream devs. Developing story, please take with a grain of salt. The 5.6 versions are somewhat recent, depending on how bleeding edge your distro is you might not be affected. #liblzma #xz #lzma #backdoor #ITsecurity #OpenSSH #SSH
Eek. Apparently liblzma (part of the xz package) has a backdoor in versions 5.6.0 and 5.6.1, causing SSH to be compromised.
https://www.openwall.com/lists/oss-security/2024/03/29/4
This might even have been done on purpose by the upstream devs.
Developing story, please take with a grain of salt.
The 5.6 versions are somewhat recent, depending on how bleeding edge your distro is you might not be affected.
#liblzma #xz #lzma #backdoor #ITsecurity #OpenSSH #SSH