My mastodon feed is full of IT security specialist talking about the xz affair where someone let a backdoor in some library.

But beside showing the two side of Free/Libre software (anybody can add a backdoor, and anybody can spot it), I have no idea how it impacts the average person. Is it a common library or something used only by specific application ? Would my home-grade router protects me ?

  • qaz
    link
    38 months ago

    You forgot about OpenSUSE Tumbleweed, it also shipped the infected package. I had to update to a newer non-infected version of xz.