Sysadmin

7877 readers

6 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
[email protected]
[email protected]
[email protected]
[email protected]

founded 2 years ago

MODERATORS

DarraignTheSane

00Lemming

L3s

120

Backdoor found in widely used Linux utility breaks encrypted SSH connections | Ars Technica (arstechnica.com)

submitted 9 months ago by [email protected] to c/sysadmin

8 comments fedilink hide all child comments

Hopefully this does not affect you but if you are running something like Arch, OpenSUSE tumbleweed, Debian sid or Fedora Rawhide and use SSH for remote access you should do a full wipe.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 5 points 9 months ago

Well you only have to reinstall if you had affected versions installed.
For e.g. Debian stable, thats not the case. Or e.g. Arch sshd doesnt link to xz, so thats not a concern there.

Most systems wont be affected because their sshd doesnt link xz, didnt update to that version yet or simply isnt accessible from the outside.
Though it does show how vulnerable critical packages can be and how much better we need to protect them.