Xz

XZ

Security, SSH, Xz
MacOS even MacOS seems not hardly affected, better safe than sorry ! # get Version brew info xz # Cleanup Cache brew cleanup -v -s --prune=all # Downgrade brew reinstall xz # Update brew update # Upgrade brew upgrade # reboot reboot # confirm, 5.4.6 should be fine xz -V Links https://www.openwall.com/lists/oss-security/2024/03/29/4 https://nvd.nist.gov/vuln/detail/CVE-2024-3094 https://www.wiz.io/blog/cve-2024-3094-critical-rce-vulnerability-found-in-xz-utils https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/ https://github.com/orgs/Homebrew/discussions/5243 https://github.com/amlweems/xzbot https://www.nzz.ch/technologie/xz-luecke-der-verrueckteste-angriff-ein-programmierer-entdeckt-per-zufall-eine-gefaehrliche-hintertuere-im-code-wohl-von-einem-geheimdienst-ld.1824766 https://www.deepfactor.io/an-accidental-discovery-of-a-backdoor-likely-prevented-thousands-of-infections/ fun: https://infosec.exchange/@tinker/112196180295212632 Any Comments ? sha256: d2d6b0518ee60fc80381a2fb44dee61d06c02a7d4182045ff25d59f4894d1a10