472
Arch with XZ (lemmy.world)
submitted 3 months ago by qwioeue@lemmy.world to c/linuxmemes@lemmy.world
92 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] qwioeue@lemmy.world 7 points 3 months ago* (last edited 3 months ago)

Yes, this sshd attack vector isn't possible. However, they haven't decomposed the exploit and we don't know the extent of the attack. The reporter of the issue just scratched the surface. If you are using Arch, you should run pacman right now to downgrade.

[-] Fubarberry@sopuli.xyz 36 points 3 months ago

They actually have an upgrade fix for it, at least for the known parts of it. Doing a standard system upgrade will replace the xz package with one with the known backdoor removed.

[-] HopFlop@discuss.tchncs.de 15 points 3 months ago

If you are using Arch, you should run pacman right now to downgrade.

No, just update. It's already fixed. Thats the point of rolling release.

[-] Trail@lemmy.world 4 points 3 months ago

Bold of you to assume I hare upgraded in the first place.

[-] lemmyvore@feddit.nl 3 points 3 months ago

I switched it with 5.4, just in case.

this post was submitted on 30 Mar 2024
472 points (84.4% liked)

linuxmemes

19844 readers
822 users here now

I use Arch btw

Sister communities:

Community rules

  1. Follow the site-wide rules and code of conduct
  2. Be civil
  3. Post Linux-related content
  4. No recent reposts

Please report posts and comments that break these rules!

founded 1 year ago
MODERATORS
Linuxmemed@lemmy.world
poopsmith@lemmy.world
Geert@lemmy.world