[Midnightbsd-users] xz vulnerabilities
Lucas Holt
luke at foolishgames.com
Sat Mar 30 10:15:12 EDT 2024
There is an xz vulnerability in 5.6.0 and 5.6.1 that was caused by a
malicious payload added via a commit.
https://boehs.org/node/everything-i-know-about-the-xz-backdoor
At this time, I am unaware of anything in libarchive that is considered
dangerous as mentioned on that website. MidnightBSD does not use the
affected versions of xz in base. We have 5.2.9 right now.
--
Lucas Holt
Luke at FoolishGames.com
________________________________________________________
MidnightBSD.org (Free OS)
JustJournal.com (Free blogging)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.midnightbsd.org/pipermail/midnightbsd-users/attachments/20240330/c1a936e7/attachment.htm>
More information about the Midnightbsd-users
mailing list