The xz/liblzma thing is a big deal if your distro builds from tarballs and patches openssh to integrate with systemd, which links to them. the backdoor could then compromise ssh auth.
if your distro doesn’t, it might still be bad in other unknown ways so you still need to avoid the impacted versions. you’re just probably safer and can calm down a little.
#xz #backdoor
Seirdy
in reply to Seirdy • • •Content warning: re: quick clarification on the xz backdoor thing
millions :spinny_cat_bi:
in reply to Seirdy • • •Content warning: re: quick clarification on the xz backdoor thing
Seirdy
in reply to millions :spinny_cat_bi: • • •Content warning: re: quick clarification on the xz backdoor thing
-Syu
should update to fixed versions i guess.Arch Linux - News: The xz package has been backdoored
archlinux.org