Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://poa.st/objects/a9c4deee-16e5-4930-8bf8-7d754c2cd8ae">anime graf mays ?️? (graf@poa.st)'s status on Saturday, 30-Mar-2024 05:13:19 JST</a><a href="https://poa.st/users/graf" title="graf@poa.st"><img src="https://gnusocial.jp/avatar/990-48-20220724152015.webp" width="48" height="48" alt="anime graf mays ?️?" style="position: absolute; left: 0; top: 0;">anime graf mays ?️?</a><div><ul><li><li><a href="https://gnusocial.jp/user/785" title="sjw@bae.st">Your New Marijuana Injecting Waifu :weed:</a></li><li><a href="https://gnusocial.jp/user/71734" title="p@shitposter.club">p</a></li><li><a href="https://gnusocial.jp/user/231276" title="p@bae.st">:p:</a></li></ul></div></section><article><a href="https://shitposter.club/users/p">@p</a> <a href="https://bae.st/users/p">@p</a> check this out <a href="https://bae.st/users/sjw">@sjw</a> <a href="https://shitposter.club/users/Moon">@Moon</a> somebody introduced a backdoor into xz/xz-utils (debian/ubuntu) via systemd and openssh (openrc chads stay winning) <br><br><a href="https://www.openwall.com/lists/oss-security/2024/03/29/4">openwall.com/lists/oss-security/2024/03/29/4</a><br><br><a href="https://github.com/tukaani-project/xz/commit/af071ef7702debef4f1d324616a0137a5001c14c">github.com/tukaani-project/xz/commit/af071ef7702debef4f1d324616a0137a5001c14c</a><br><br>:arch: CVE is up <a href="https://security.archlinux.org/CVE-2024-3094">security.archlinux.org/CVE-2024-3094</a><br><br>:gentoo: is marked in-progress <a href="https://bugs.gentoo.org/show_bug.cgi?id=CVE-2024-3094">bugs.gentoo.org/show_bug.cgi?id=CVE-2024-3094</a></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2879278#notice-5720668">In conversation</a><time datetime="2024-03-30T05:13:19+09:00" title="Saturday, 30-Mar-2024 05:13:19 JST">about a year ago</time> <span>from <span><a href="https://poa.st/objects/a9c4deee-16e5-4930-8bf8-7d754c2cd8ae" rel="external" title="Sent from poa.st via ActivityPub">poa.st</a></span></span><a href="https://poa.st/objects/a9c4deee-16e5-4930-8bf8-7d754c2cd8ae">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: www.openwall.com</div><h5><a href="https://www.openwall.com/lists/oss-security/2024/03/29/4">oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise</a></h5><div></div></header><div></div><footer></footer></article></li><li><article><header><div>Domain not in remote thumbnail source whitelist: opengraph.githubassets.com</div><h5><a href="https://github.com/tukaani-project/xz/commit/af071ef7702debef4f1d324616a0137a5001c14c">Docs: Simplify SECURITY.md. · tukaani-project/xz@af071ef</a></h5><div></div></header><div>XZ Utils. Contribute to tukaani-project/xz development by creating an account on GitHub.</div><footer></footer></article></li><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="https://security.archlinux.org/CVE-2024-3094">CVE-2024-3094 - xz - Arch Linux</a></h5><div></div></header><div></div><footer></footer></article></li><li><article><header><div>Domain not in remote thumbnail source whitelist: bugs.gentoo.org</div><h5><a href="https://bugs.gentoo.org/show_bug.cgi?id=CVE-2024-3094">928134 – (CVE-2024-3094) &gt;=app-arch/xz-utils-5.6.0: backdoor in release tarballs</a></h5><div></div></header><div></div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
anime graf mays ?️? (graf@poa.st)'s status on Saturday, 30-Mar-2024 05:13:19 JSTanime graf mays ?️?
@p @p check this out @sjw @Moon somebody introduced a backdoor into xz/xz-utils (debian/ubuntu) via systemd and openssh (openrc chads stay winning)

openwall.com/lists/oss-security/2024/03/29/4

github.com/tukaani-project/xz/commit/af071ef7702debef4f1d324616a0137a5001c14c

:arch: CVE is up security.archlinux.org/CVE-2024-3094

:gentoo: is marked in-progress bugs.gentoo.org/show_bug.cgi?id=CVE-2024-3094
In conversationabout a year ago from poa.stpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: www.openwall.com
  oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise
2. Domain not in remote thumbnail source whitelist: opengraph.githubassets.com
  Docs: Simplify SECURITY.md. · tukaani-project/xz@af071ef
  XZ Utils. Contribute to tukaani-project/xz development by creating an account on GitHub.
3. No result found on File_thumbnail lookup.
  CVE-2024-3094 - xz - Arch Linux
4. Domain not in remote thumbnail source whitelist: bugs.gentoo.org
  928134 – (CVE-2024-3094) >=app-arch/xz-utils-5.6.0: backdoor in release tarballs

Public

Embed Notice

HTML Code

Corresponding Notice