[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Backdoor in upstream xz/liblzma leading to ssh server compromise

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Backdoor in upstream xz/liblzma leading to ssh server compromise
From: lists@xxxxxxxxxxxxxxx
Date: Tue, 02 Apr 2024 12:41:46 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 02 Apr 2024 06:42:13 -0400
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=for-privacy.net; s=easymail; t=1712054518; bh=59UI//OxnhRQ2wLwsKXA1zAxS07BE0d1E+wpdoj1ru0=; h=From:To:Subject:Date:In-Reply-To:References:From; b=FOQRnB+oi4iujEOLGxq5fDD7fZGc2Riq7rCtLBZn4xXOj0q82SRQbjH/8YMCTOYcw 3d3K4FeB3MpI8zZSU74LzWHTm7h95L42PBfEfUHvXg1KoXzH0mpN/yXGTUGC/alsFn 2JDvCTTWKuIQE8FDH1tr0QWdS1lje0oOnj2woPqpCY3WS/MmD6LgacHeqTykEDwoMl NJJ33xN2oB4U96Dg6FBXAN8DWofRRZUEV6HvxwtYlArD0o35JH2MTRnG0/lpoVCy7K sS1FboIjJfFDbR9Vkm1vUJH5Xkyhs6GIQYiDPA6eWxQxaBHDbRHNs+RdhXiPHQZVOy Md718UKxZcz/g==
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=for-privacy.net; s=easymail; t=1712054517; bh=59UI//OxnhRQ2wLwsKXA1zAxS07BE0d1E+wpdoj1ru0=; h=From:To:Subject:Date:In-Reply-To:References:From; b=qV+0FIH9aPExhxEJ7zE1SpBTK2qMD5/PcdNKN92pXWhnGj28fk4SYaiSxiAN3ujn7 lu4UIMkqhH5ftKD9sG2EFFk7mmPUk13hPaRJzNOFZofBkZyalZ0bdRXf34EOKeXHF/ qkVMsfuYDegVQok4pmCh2f8JY8jQhaiqF6o03FDDjQDh6ViPb5/mORpdvO6Hi4poXk G7pL+AKWVsWFGccEO5Vs3xK4KxejJXlSOUjbaLbZnqToY3p6Ka+nVlG1m9e+FGuFK5 wnUw2C/QoXMeMAAaq6yK9On2MEjreC70UXTnzU4qbHUKpckZbzw7bc25NzqqIwbVMZ r37SShlhb+89Q==
In-reply-to: <a1236bd0-d140-4b0c-ae14-b34af2143b79@Canary>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <a1236bd0-d140-4b0c-ae14-b34af2143b79@Canary>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On Samstag, 30. März 2024 01:02:54 CEST hello@xxxxxxxxxxxxxx via tor-relays 
wrote:
> Just wanted to bring this to everyone’s attention if you hadn’t seen it
> already. Developer discovered a backdoor in xz-utils
> https://www.openwall.com/lists/oss-security/2024/03/29/4

Pretty unlikely that anyone uses testing or sid for productive servers.

-- 
╰_╯ Ciao Marco!

Debian GNU/Linux

It's free software and it gives you freedom!

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] Backdoor in upstream xz/liblzma leading to ssh server compromise
  - From: hello@xxxxxxxxxxxxxx via tor-relays

Prev by Author: [tor-relays] I need a new VPS provider
Next by Author: Re: [tor-relays] Webtunnel type bridge Tor Metrics
Previous by thread: [tor-relays] Backdoor in upstream xz/liblzma leading to ssh server compromise
Next by thread: [tor-relays] User advisory to check for xz-utils backdoor
Index(es):
- Author
- Thread