Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://idiomdrottning.org/objects/ead47b4a-11e7-4826-b2e2-05163db7ddbd">Sandra (sandra@idiomdrottning.org)'s status on Sunday, 31-Mar-2024 18:37:20 JST</a><a href="https://idiomdrottning.org/users/Sandra" title="sandra@idiomdrottning.org"><img src="https://gnusocial.jp/avatar/105429-48-20230308131752.webp" width="48" height="48" alt="Sandra" style="position: absolute; left: 0; top: 0;">Sandra</a></section><article><p>This is wrong:</p><p>Using systemd on publicly accessible ssh: update RIGHT NOW NOW NOW<br>Otherwise: update RIGHT NOW NOW but prioritize the former</p><p><a href="https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27">https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27</a></p><p>No, the exploit doesn’t rely on systemd being run or even installed. If you have the poisoned version, update right away please. The infected version is infected even without systemd (just as long as it’s run as other than arg0, which is the case with many init systems.). Now, it is because of systemd that Debian and Red Hat shipped a version of sshd that was dynamically linked to liblzma. So that’s the connection to systemd. But it’s “SSH linked to liblzma” that’s exploited, not “SSH inited by systemd”.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2884687#notice-5731969">In conversation</a><time datetime="2024-03-31T18:37:20+09:00" title="Sunday, 31-Mar-2024 18:37:20 JST">about a year ago</time> <span>from <span><a href="https://idiomdrottning.org/objects/ead47b4a-11e7-4826-b2e2-05163db7ddbd" rel="external" title="Sent from idiomdrottning.org via ActivityPub">idiomdrottning.org</a></span></span><a href="https://idiomdrottning.org/objects/ead47b4a-11e7-4826-b2e2-05163db7ddbd">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Sandra (sandra@idiomdrottning.org)'s status on Sunday, 31-Mar-2024 18:37:20 JST Sandra
This is wrong:
Using systemd on publicly accessible ssh: update RIGHT NOW NOW NOW
Otherwise: update RIGHT NOW NOW but prioritize the former
https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27
No, the exploit doesn’t rely on systemd being run or even installed. If you have the poisoned version, update right away please. The infected version is infected even without systemd (just as long as it’s run as other than arg0, which is the case with many init systems.). Now, it is because of systemd that Debian and Red Hat shipped a version of sshd that was dynamically linked to liblzma. So that’s the connection to systemd. But it’s “SSH linked to liblzma” that’s exploited, not “SSH inited by systemd”.
In conversationabout a year ago from idiomdrottning.orgpermalink

Public

Embed Notice

HTML Code

Corresponding Notice