GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    hinketu🎮WizardryPG (hinketu_n@gamingjp.org)'s status on Saturday, 30-Mar-2024 04:47:01 JST hinketu🎮WizardryPG hinketu🎮WizardryPG
    • かき@GNUsocialJP

    けど。xz-utils(liblzma5)のbackdoorって具体的にどういうやつだったんだろう。listen port開いて待ってるだけだったのかな。

    In conversation about 8 months ago from gamingjp.org permalink
    • Embed this notice
      zunda (zundan@mastodon.zunda.ninja)'s status on Saturday, 30-Mar-2024 04:47:01 JST zunda zunda
      in reply to
      • かき@GNUsocialJP

      @hinketu_n https://www.openwall.com/lists/oss-security/2024/03/29/4 をざっくり読んだ限り、sshdが公開鍵認証をする過程で何かのコードを実行しているみたいだ、とのことです。

      > Since this is running in a pre-authentication context, it seems likely to allow some form of access or other form of remote code execution.

      In conversation about 8 months ago permalink

      Attachments

      1. Domain not in remote thumbnail source whitelist: www.openwall.com
        oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.