[Midnightbsd-users] MNBSD-2025-3
Lucas Holt
luke at foolishgames.com
Thu Apr 3 13:04:33 EDT 2025
MidnightBSD versions using xz 2.4.x or higher are vulnerable to a DOS in
the multithreaded liblzma decompress code.
This includes 3.2.x before 3.2.3 and 4 current before earlier today.
Patch applied to stable/3.2 branch.
4-current updated to 5.6.3 and then patch applied.
details:
https://github.com/tukaani-project/xz/security/advisories/GHSA-6cc8-p5mm-29w2
https://www.midnightbsd.org/security/adv/MNBSD-2025-3.html
--
Lucas Holt
Luke at FoolishGames.com
________________________________________________________
MidnightBSD.org (Free OS)
JustJournal.com (Free blogging)
More information about the Midnightbsd-users
mailing list