{"_id":"66087233b8ccb73234954bb7","date":"2024-03-30T20:12:35.589Z","u":1711829555589,"name":"Friend","country":null,"board":"origin","tripcode":null,"capcode":null,"subject":"SSH backdoor in upstream xz/liblzma release tarballs","message":"<span class=\"bold\">backdoor in upstream xz/liblzma leading to ssh server compromise</span>\r\n<a rel=\"nofollow\" referrerpolicy=\"same-origin\" target=\"_blank\" href=\"https://www.openwall.com/lists/oss-security/2024/03/29/4\">https://www.openwall.com/lists/oss-security/2024/03/29/4</a>\r\n<a rel=\"nofollow\" referrerpolicy=\"same-origin\" target=\"_blank\" href=\"https://archive.ph/gAoJL\">https://archive.ph/gAoJL</a>\r\n\r\nLTS users appear to be unaffected.","messagehash":"1612EuN/wPDMm9UYXayWQwtIUelE5EN7MOlDgEQK3zs=","nomarkup":"''backdoor in upstream xz/liblzma leading to ssh server compromise''\r\nhttps://www.openwall.com/lists/oss-security/2024/03/29/4\r\nhttps://archive.ph/gAoJL\r\n\r\nLTS users appear to be unaffected.","thread":null,"email":"","spoiler":false,"signature":null,"address":null,"banmessage":null,"userId":null,"files":[{"filename":"216cdd3660adb5d04fcc712c86f6b8754e5c90dd2859067f257915e28a19836f.png","spoiler":null,"hash":"216cdd3660adb5d04fcc712c86f6b8754e5c90dd2859067f257915e28a19836f","originalFilename":"216cdd3660adb5d04fcc712c86f6b8754e5c90dd2859067f257915e28a19836f.png","mimetype":"image/png","size":78692,"extension":".png","phash":"8d87838f9b830f1f","sizeString":"76.8KB","thumbextension":".png","geometry":{"width":768,"height":1022,"thumbwidth":192,"thumbheight":256},"geometryString":"768x1022","hasThumb":true}],"quotes":[],"crossquotes":[],"backlinks":[],"replyposts":6,"replyfiles":6,"sticky":0,"locked":0,"bumplocked":0,"cyclic":0,"bumped":"2024-03-31T18:47:27.935Z","postId":5683,"replies":[{"_id":"66084376b8ccb73234954ba5","date":"2024-03-30T16:53:10.678Z","u":1711817590678,"name":"Friend","country":null,"board":"origin","tripcode":null,"capcode":null,"subject":"","message":"<span class=\"title\">SSH backdoor in upstream xz/liblzma release tarballs!</span>\r\n<a rel=\"nofollow\" referrerpolicy=\"same-origin\" target=\"_blank\" href=\"https://www.openwall.com/lists/oss-security/2024/03/29/4\">https://www.openwall.com/lists/oss-security/2024/03/29/4</a>\r\n\r\n<span class=\"greentext\">&gt;After observing a few odd symptoms around liblzma (part of the xz package) on</span>\r\nDebian sid installations over the last weeks (logins with ssh taking a lot of\r\nCPU, valgrind errors) I figured out the answer:\r\n<span class=\"greentext\">&gt;The upstream xz repository and the xz tarballs have been backdoored.</span>\r\n<span class=\"greentext\">&gt;At first I thought this was a compromise of debian's package, but it turns out</span>\r\nto be upstream.","messagehash":"yqCwOu/KMC/yWm3kaJX+faSz3KvP4vOzLIEPamIB5Og=","nomarkup":"==SSH backdoor in upstream xz/liblzma release tarballs!==\r\nhttps://www.openwall.com/lists/oss-security/2024/03/29/4\r\n\r\n>After observing a few odd symptoms around liblzma (part of the xz package) on\r\nDebian sid installations over the last weeks (logins with ssh taking a lot of\r\nCPU, valgrind errors) I figured out the answer:\r\n>The upstream xz repository and the xz tarballs have been backdoored.\r\n>At first I thought this was a compromise of debian's package, but it turns out\r\nto be upstream.","thread":5683,"email":"","spoiler":false,"signature":null,"address":null,"banmessage":null,"userId":null,"files":[],"quotes":[],"crossquotes":[],"backlinks":[],"postId":5676},{"_id":"660872edb8ccb73234954bba","date":"2024-03-30T20:15:41.992Z","u":1711829741992,"name":"Friend","country":null,"board":"origin","tripcode":null,"capcode":null,"subject":"","message":"This commit was extra smelly.","messagehash":"NXwgGO6+Oo2OKuYsJJY87WMtT0MPWWgL0WfS+mc7HQ4=","nomarkup":"This commit was extra smelly.","thread":5683,"email":"","spoiler":false,"signature":null,"address":null,"banmessage":null,"userId":null,"files":[{"filename":"43e7992158b6d5336f70f66a07aaf29e29288ab396206df5ce67f53972558c28.png","spoiler":null,"hash":"43e7992158b6d5336f70f66a07aaf29e29288ab396206df5ce67f53972558c28","originalFilename":"xz-java.png","mimetype":"image/png","size":55076,"extension":".png","phash":"ff00e3e0f8e0f0f0","sizeString":"53.8KB","thumbextension":".png","geometry":{"width":1047,"height":547,"thumbwidth":256,"thumbheight":133},"geometryString":"1047x547","hasThumb":true}],"quotes":[],"crossquotes":[],"backlinks":[],"postId":5685},{"_id":"6608738eb8ccb73234954bbd","date":"2024-03-30T20:18:22.161Z","u":1711829902161,"name":"Friend","country":null,"board":"origin","tripcode":null,"capcode":null,"subject":"","message":"<a rel=\"nofollow\" referrerpolicy=\"same-origin\" target=\"_blank\" href=\"https://boards.4chan.org/g/thread/99736773/#p99745030\">https://boards.4chan.org/g/thread/99736773/#p99745030</a>\r\n<a rel=\"nofollow\" referrerpolicy=\"same-origin\" target=\"_blank\" href=\"https://desuarchive.org/g/thread/99736773/#99745030\">https://desuarchive.org/g/thread/99736773/#99745030</a>\r\nHere's /g/ chasing squirrels.","messagehash":"ZCYfZXiOJkhx+eCBrDSRYOUnGcLKEq3ekg8CJ7iGfPY=","nomarkup":"https://boards.4chan.org/g/thread/99736773/#p99745030\r\nhttps://desuarchive.org/g/thread/99736773/#99745030\r\nHere's /g/ chasing squirrels.","thread":5683,"email":"","spoiler":false,"signature":null,"address":null,"banmessage":null,"userId":null,"files":[{"filename":"012904fdbf85b716b12f66d4bcdb476dde213d5ab5707566fe53b10fa93c68f5.png","spoiler":null,"hash":"012904fdbf85b716b12f66d4bcdb476dde213d5ab5707566fe53b10fa93c68f5","originalFilename":"012904fdbf85b716b12f66d4bcdb476dde213d5ab5707566fe53b10fa93c68f5.png","mimetype":"image/png","size":202957,"extension":".png","phash":"3761e1e1c179131f","sizeString":"198.2KB","thumbextension":".png","geometry":{"width":939,"height":697,"thumbwidth":256,"thumbheight":190},"geometryString":"939x697","hasThumb":true}],"quotes":[],"crossquotes":[],"backlinks":[],"postId":5686},{"_id":"66087906b8ccb73234954bbf","date":"2024-03-30T20:41:42.503Z","u":1711831302503,"name":"Friend","country":null,"board":"origin","tripcode":null,"capcode":null,"subject":"","message":"Some more discussion on HN and that other blue site:\r\n<a rel=\"nofollow\" referrerpolicy=\"same-origin\" target=\"_blank\" href=\"https://news.ycombinator.com/item?id=39877267\">https://news.ycombinator.com/item?id=39877267</a>\r\n<a rel=\"nofollow\" referrerpolicy=\"same-origin\" target=\"_blank\" href=\"https://bsky.app/profile/filippo.abyssdomain.expert/post/3kowjkx2njy2b\">https://bsky.app/profile/filippo.abyssdomain.expert/post/3kowjkx2njy2b</a>","messagehash":"3toKUv4uh8q9D/TsWk2nBBBb5rTqxmOzEhH6s6KfICg=","nomarkup":"Some more discussion on HN and that other blue site:\r\nhttps://news.ycombinator.com/item?id=39877267\r\nhttps://bsky.app/profile/filippo.abyssdomain.expert/post/3kowjkx2njy2b","thread":5683,"email":"","spoiler":false,"signature":null,"address":null,"banmessage":null,"userId":null,"files":[{"filename":"99b6bba9ba2bb148e81e4d9afb6b01b87e12d67a43c1cb4bbaabc96bf2921d85.png","spoiler":null,"hash":"99b6bba9ba2bb148e81e4d9afb6b01b87e12d67a43c1cb4bbaabc96bf2921d85","originalFilename":"99b6bba9ba2bb148e81e4d9afb6b01b87e12d67a43c1cb4bbaabc96bf2921d85.png","mimetype":"image/png","size":57761,"extension":".png","phash":"c378fe04fc60e0ec","sizeString":"56.4KB","thumbextension":".png","geometry":{"width":608,"height":621,"thumbwidth":250,"thumbheight":256},"geometryString":"608x621","hasThumb":true},{"filename":"6abe3e15a6f6902634bf9e3c6851a4a6cf739bbf8b9ce6b0f486ba06d799261e.png","spoiler":null,"hash":"6abe3e15a6f6902634bf9e3c6851a4a6cf739bbf8b9ce6b0f486ba06d799261e","originalFilename":"6abe3e15a6f6902634bf9e3c6851a4a6cf739bbf8b9ce6b0f486ba06d799261e.png","mimetype":"image/png","size":49944,"extension":".png","phash":"071f1f073f03033f","sizeString":"48.8KB","thumbextension":".png","geometry":{"width":1405,"height":408,"thumbwidth":256,"thumbheight":74},"geometryString":"1405x408","hasThumb":true}],"quotes":[],"crossquotes":[],"backlinks":[],"postId":5687},{"_id":"6609194fb8ccb73234954bcf","date":"2024-03-31T08:05:35.327Z","u":1711872335327,"name":"Friend","country":null,"board":"origin","tripcode":null,"capcode":null,"subject":"","message":"The legend even made the logo.","messagehash":"kd5ujz2mPM2/+5o4I3vw8dG5zei6X8w9LHBulC4Hxvw=","nomarkup":"The legend even made the logo.","thread":5683,"email":"","spoiler":false,"signature":null,"address":null,"banmessage":null,"userId":null,"files":[{"filename":"39d34b8bbd694b305689f1fc82129a1be46f895f229ae59d899770f0d13c3ed9.png","spoiler":null,"hash":"39d34b8bbd694b305689f1fc82129a1be46f895f229ae59d899770f0d13c3ed9","originalFilename":"39d34b8bbd694b305689f1fc82129a1be46f895f229ae59d899770f0d13c3ed9.png","mimetype":"image/png","size":55863,"extension":".png","phash":"3f031e4e4a7aff00","sizeString":"54.6KB","thumbextension":".png","geometry":{"width":947,"height":671,"thumbwidth":255,"thumbheight":181},"geometryString":"947x671","hasThumb":true}],"quotes":[],"crossquotes":[],"backlinks":[],"postId":5693},{"_id":"6609afbfb8ccb73234954beb","date":"2024-03-31T18:47:27.932Z","u":1711910847932,"name":"Friend","country":null,"board":"origin","tripcode":null,"capcode":null,"subject":"","message":"<a rel=\"nofollow\" referrerpolicy=\"same-origin\" target=\"_blank\" href=\"https://gynvael.coldwind.pl/?id=782\">https://gynvael.coldwind.pl/?id=782</a>\r\nHere's a neat write-up that gets into the meat of it.","messagehash":"WOzyq7CuwI/tZJqDdOFATCs63yMMiNd6H2VNJYbqs4Q=","nomarkup":"https://gynvael.coldwind.pl/?id=782\r\nHere's a neat write-up that gets into the meat of it.","thread":5683,"email":"","spoiler":false,"signature":null,"address":null,"banmessage":null,"userId":null,"files":[{"filename":"39dfb5edf9f758db100ffc41bde07ed3f548b263be5c003b8fd8d7901f44ecb5.png","spoiler":null,"hash":"39dfb5edf9f758db100ffc41bde07ed3f548b263be5c003b8fd8d7901f44ecb5","originalFilename":"Ricardo_Juchem_paged_out.png","mimetype":"image/png","size":345503,"extension":".png","phash":"3c3c78787b503d1c","sizeString":"337.4KB","thumbextension":".png","geometry":{"width":510,"height":701,"thumbwidth":186,"thumbheight":256},"geometryString":"510x701","hasThumb":true}],"quotes":[],"crossquotes":[],"backlinks":[],"postId":5698}]}