... darkrealms ...

Forums before death by AOL, social media and spammers... "We can't have nice things"

alt.os.linux.slackware

I think its the one without Selinux crap

87,272 messages

[ << oldest | < older | list | newer > | newest >> ]

Message 86,931 of 87,272

Joseph Rosevear to Rich

Re: Is Slackware xz safe?

30 Jan 25 03:12:29

   From: Mail@JoesLife.org   
      
   On Thu, 30 Jan 2025 01:11:04 -0000 (UTC), Rich wrote:   
      
   > Joseph Rosevear  wrote:   
      
   [snip]   
      
   >> That's interesting.  I was wondering whether systemd was involved in   
   >> this story.  One of the links I posted included a message that said   
   >> something similar.  Does systemd use ssh in some special way?   
   >   
   > You know, this is all year old news, and just searching "xz backdoor"   
   > should have found you this for further reading:   
   >   
   > https://en.wikipedia.org/wiki/XZ_Utils_backdoor   
   >   
   > The short story is the backdoor targeted ssh, and it got into ssh via   
   > being linked into a systemd library that ssh, on systemd systems, itself   
   > linked to.   
   >   
   > For Slackware it was a no-op because Slackware does not use systemd, so   
   > Slackware's ssh did not indirectly link to xz via a systemd library.   
      
   Hello, Rich,   
      
   Yes, I read the article once already.  On rereading it I see that the xz   
   bug, ssh and systemd are all connected in a complex way.   
      
   I guess I missed this when it was first in the news.  Thanks for your   
   help!   
      
   -Joe   
      
   --- SoupGate-DOS v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)

[ << oldest | < older | list | newer > | newest >> ]