Skip to main content

CVE-2024-3094 concerning a backdoor exploit in XZ Utils 5.6.0 and 5.6.1 releases are currently being analyzed, for the moment we have paused Archive processing. We will advise as soon as possible. For more reading and information: https://tukaani.org/xz-backdoor/ https://micronews.debian.org/2024/1711830544.html?utm_source=dlvr.it&utm_medium=mastodon #debian

CVE-2024-3094 concerning a backdoor exploit in XZ Utils 5.6.0 and 5.6.1 releases are currently being analyzed, for the moment we have paused Archive processing. We will advise as soon as possible. For more reading and information: tukaani.org/xz-

CVE-2024-3094 concerning a backdoor exploit in XZ Utils 5.6.0 and 5.6.1 releases are currently being analyzed, for the moment we have paused Archive processing. We will advise as soon as possible. For more reading and information: https://tukaani.
micronews.debian.org
#debian
in reply to Debian

𝖆𝖒𝖆𝖗𝖔𝖐 πŸ‡¨πŸ‡ΏπŸ‡ͺπŸ‡Ί
𝖆𝖒𝖆𝖗𝖔𝖐 πŸ‡¨πŸ‡ΏπŸ‡ͺπŸ‡Ί
I know this is not directly related to the recent Chinese (?) backdoor, but the XZ format has all kind of problems and I personally avoid using it. Having a better compression ratio is not a reason to prefer XZ, IMHO. See https://www.nongnu.org/lzip/xz_inadequate.html
#gnulinux #opensource #Debian

Xz format inadequate for long-term archiving

www.nongnu.org
#opensource #debian #gnulinux
⇧