Atemu to [email protected] • 9 months agobackdoor in upstream xz/liblzma leading to ssh server compromisewww.openwall.commessage-square99fedilinkarrow-up1526arrow-down15cross-posted to: hackingprogrammingcybersecuritynetseclinux[email protected][email protected][email protected]
arrow-up1521arrow-down1external-linkbackdoor in upstream xz/liblzma leading to ssh server compromisewww.openwall.comAtemu to [email protected] • 9 months agomessage-square99fedilinkcross-posted to: hackingprogrammingcybersecuritynetseclinux[email protected][email protected][email protected]
minus-square@[email protected]linkfedilinkEnglish14•9 months agoThe back door is not in the source code though, so it’s not reproducible from source.
minus-square@[email protected]linkfedilinkEnglish12•edit-29 months agoPart of the payload was in the tarball. There was still a malicious shim in the upstream repo
The back door is not in the source code though, so it’s not reproducible from source.
Part of the payload was in the tarball. There was still a malicious shim in the upstream repo