TL;DR there was a backdoor found in the XZ program. All major distros have been updated but it is recommended that you do a fresh install on systems that are exposed to the internet and that had the bad version of the program. Only upstream distros were affected.

  • 0xtero@beehaw.org
    link
    fedilink
    arrow-up
    24
    ·
    8 months ago

    Catching this now is pretty huge, because it mainly targets distro build systems. Had this gone undetected, we’d be in shiznit creek couple of years down the line.