121

Backdoor found in widely used Linux utility breaks encrypted SSH connections | Ars Technica (arstechnica.com)

submitted 7 months ago by possiblylinux127@lemmy.zip to c/sysadmin@lemmy.world

8 comments fedilink hide all child comments

Hopefully this does not affect you but if you are running something like Arch, OpenSUSE tumbleweed, Debian sid or Fedora Rawhide and use SSH for remote access you should do a full wipe.

you are viewing a single comment's thread
view the rest of the comments

[-] SMillerNL@lemmy.world 1 points 7 months ago

No, it was snuck into the website download of the source code. If you got it from GitHub it was fine, if you got it from their website you got pwnd

[-] hydroptic@sopuli.xyz 3 points 7 months ago

That's not correct as far as I can tell. The backdoored code ended up in release tarballs (but not source tarballs because of autoconf fuckery), see eg. this mailing list discussion.

[-] SMillerNL@lemmy.world 2 points 7 months ago

Ah, you’re right. I wasn’t aware they had release tars on GitHub as well

this post was submitted on 30 Mar 2024

121 points (96.2% liked)

Sysadmin

7694 readers

326 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
!lemmy@lemmy.ml
!lemmyworld@lemmy.world
!lemmy_support@lemmy.ml
!support@lemmy.world

founded 1 year ago

MODERATORS

DarraignTheSane@lemmy.world

00Lemming@lemmy.world

L3s@lemmy.world