Debian

CVE-2024-3094 concerning a backdoor exploit in XZ Utils 5.6.0 and 5.6.1 releases are currently being analyzed, for the moment we have paused Archive processing. We will advise as soon as possible. For more reading and information: tukaani.org/xz-backdoor/ micronews.debian.org/2024/1711… #debian

CVE-2024-3094 concerning a backdoor exploit in XZ Utils 5.6.0 and 5.6.1 releases are currently being analyzed, for the moment we have paused Archive processing. We will advise as soon as possible. For more reading and information: tukaani.org/xz-

CVE-2024-3094 concerning a backdoor exploit in XZ Utils 5.6.0 and 5.6.1 releases are currently being analyzed, for the moment we have paused Archive processing. We will advise as soon as possible. For more reading and information: https://tukaani.

^{micronews.debian.org}

#debian

in reply to Debian

𝖆𝖒𝖆𝖗𝖔𝖐 🇨🇿🇪🇺

in reply to Debian • 7 months ago • •

I know this is not directly related to the recent Chinese (?) backdoor, but the XZ format has all kind of problems and I personally avoid using it. Having a better compression ratio is not a reason to prefer XZ, IMHO. See nongnu.org/lzip/xz_inadequate.…
#gnulinux #opensource #Debian

Xz format inadequate for long-term archiving

^{www.nongnu.org}

#opensource #debian #gnulinux

⇧

Debian

Debian 7 months ago • •

CVE-2024-3094 concerning a backdoor exploit in XZ Utils 5.6.0 and 5.6.1 releases are currently being analyzed, for the moment we have paused Archive processing. We will advise as soon as possible. For more reading and information: tukaani.org/xz-

𝖆𝖒𝖆𝖗𝖔𝖐 🇨🇿🇪🇺

Xz format inadequate for long-term archiving

Debian
7 months ago • •