this post was submitted on 17 Aug 2025
161 points (97.1% liked)

Linux

10191 readers
703 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago
MODERATORS
Ategon@programming.dev
anzo@programming.dev
dwraf_of_ignorance@programming.dev
161
Security Researchers Find XZ Utils Backdoored Debian Images on Docker Hub (news.itsfoss.com)
submitted 3 months ago by Sunshine@piefed.ca to c/linux@programming.dev
16 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] henfredemars@infosec.pub 64 points 3 months ago* (last edited 3 months ago)

I understand the position that these old containers are not and cannot be supported, but I disagree with the argument that this is a vulnerability in unmaintained software and therefore should not be fixed. It’s malware. One should not knowingly host malware even if the activation of that malware isn’t likely.