Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.social/users/irenes/statuses/112180243091101937">Irenes (many) (irenes@mastodon.social)'s status on Saturday, 30-Mar-2024 07:42:04 JST</a><a href="https://mastodon.social/@irenes" title="irenes@mastodon.social"><img src="https://gnusocial.jp/avatar/105220-48-20230422160021.webp" width="48" height="48" alt="Irenes (many)" style="position: absolute; left: 0; top: 0;">Irenes (many)</a></section><article><p>RedHat is reporting that the official upstream of xz, a common library on Unix systems that you've probably used via the tar command, contains malware. The full report is at <a href="https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users" rel="nofollow noreferrer">https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users</a> and it's CVE-2024-3094.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2879809#notice-5721756">In conversation</a><time datetime="2024-03-30T07:42:04+09:00" title="Saturday, 30-Mar-2024 07:42:04 JST">about a year ago</time> <span>from <span><a href="https://mastodon.social/@irenes/112180243091101937" rel="external" title="Sent from mastodon.social via ActivityPub">mastodon.social</a></span></span><a href="https://mastodon.social/@irenes/112180243091101937">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: www.redhat.com</div><h5><a href="https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users">Urgent security alert for Fedora 41 and Fedora Rawhide users</a></h5><div></div></header><div>Red Hat Information Risk and Security and Red Hat Product Security learned that the latest versions of the “xz” tools and libraries contain malicious code that appears to be intended to allow unauthorized access.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Irenes (many) (irenes@mastodon.social)'s status on Saturday, 30-Mar-2024 07:42:04 JST Irenes (many)
RedHat is reporting that the official upstream of xz, a common library on Unix systems that you've probably used via the tar command, contains malware. The full report is at https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users and it's CVE-2024-3094.
In conversationabout a year ago from mastodon.socialpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: www.redhat.com
  Urgent security alert for Fedora 41 and Fedora Rawhide users
  Red Hat Information Risk and Security and Red Hat Product Security learned that the latest versions of the “xz” tools and libraries contain malicious code that appears to be intended to allow unauthorized access.

Public

Embed Notice

HTML Code

Corresponding Notice