[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-relays] Backdoor in upstream xz/liblzma leading to ssh server compromise

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-relays] Backdoor in upstream xz/liblzma leading to ssh server compromise
From: "hello@xxxxxxxxxxxxxx via tor-relays" <tor-relays@xxxxxxxxxxxxxxxxxxxx>
Date: Fri, 29 Mar 2024 20:02:54 -0400
Cc: "hello@xxxxxxxxxxxxxx" <hello@xxxxxxxxxxxxxx>
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 02 Apr 2024 06:15:37 -0400
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=lists.torproject.org; s=2022-eugeni; t=1712052847; bh=rL1ac0AHEzqIW68ZA0Ke4Aeh0Ph1SVfd4faVBDcVMzQ=; h=Date:To:Subject:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:Cc:From; b=UN7hLXlEkxOcTZtwbzKCFPk2s0xuG/zhmEJqwqsEDFMafWB7jBLa60MZVu93vGL8X xxAix5ADWL4at8Pg2UL9QhzEzMN+IO9VkH8cQ7xI07jDrFIcxxfAYKfgOY9xF0z7K8 LMSMwRLCDbuwHTqB6m05Gkt+6ufh8nwchPWlfBBuREAMDDsuyjt0I1FDpO8sEtBBNZ 1DTePUncvenobGEdnzPb0Cfm6/YbLZPx21cWwv64yV2rnmTlZH2yG5uQkQ5E8PQ714 8shxurnY3hfXN2ehvT7bXEw0lSiaMAbSQFbVYdBbs6S0qCqXifIlLpOVgSahmwmqlr 30Mtey9qldGTw==
Feedback-id: if6b949fa:Fastmail
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

Just wanted to bring this to everyone’s attention if you hadn’t seen it already.

Developer discovered a backdoor in xz-utils

https://www.openwall.com/lists/oss-security/2024/03/29/4

--
Sent from Canary

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Backdoor in upstream xz/liblzma leading to ssh server compromise
  - From: lists

Prev by Author: Re: [tor-relays] Tor Relay Operator Meetup - Saturday, April 13, 2024 at 19 UTC
Next by Author: Re: [tor-relays] Webtunnel type bridge Tor Metrics
Previous by thread: [tor-relays] R: Re: R: Re: Request for Feedback on Relay Node Update Management
Next by thread: Re: [tor-relays] Backdoor in upstream xz/liblzma leading to ssh server compromise
Index(es):
- Author
- Thread