Atemu to [email protected] • 9 months agobackdoor in upstream xz/liblzma leading to ssh server compromisewww.openwall.commessage-square94fedilinkarrow-up1491arrow-down15cross-posted to: [email protected]selfhostedlinuxnetsec[email protected][email protected][email protected][email protected]
arrow-up1486arrow-down1external-linkbackdoor in upstream xz/liblzma leading to ssh server compromisewww.openwall.comAtemu to [email protected] • 9 months agomessage-square94fedilinkcross-posted to: [email protected]selfhostedlinuxnetsec[email protected][email protected][email protected][email protected]
minus-square@[email protected]linkfedilink66•9 months agoThis is the best post I’ve read about it so far: https://boehs.org/node/everything-i-know-about-the-xz-backdoor
minus-squareDefederateLemmyMllinkfedilinkEnglish29•9 months ago In the fallout, we learn a little bit about mental health in open source. Reminded me of this, relevant as always, xkcd:
minus-squareWorseDoughnut 🍩linkfedilinkEnglish15•9 months agoThat whole timeline is insane, and the fact that anyone even found this in the totally coincidental way they did is very lucky for the rest of us.
This is the best post I’ve read about it so far: https://boehs.org/node/everything-i-know-about-the-xz-backdoor
Reminded me of this, relevant as always, xkcd:
Yes, exactly.
And looking at you npm : npm
That whole timeline is insane, and the fact that anyone even found this in the totally coincidental way they did is very lucky for the rest of us.