I normally shitpost on this board as a regular..
But all you fag shills are always so caught up in Biden vs trump and some reale news actually happened and I've been on /g/ nonstop the last day.
China pulled off a major heist. They spent 2 years building a profile for a developer on GitHub and placed a backdoor in a library used ubiquitously across Linux allowing remote code execution on any affected Linux machine
Liblzma is imported to systemd that is itself imported to many flavors of ssh used by Linux for remote admin. Affected versions allow attackers remote code execution on any affected box running ssh.
This is a major flaw. Extremely bad.
The malicious commits were Feb 23
https://hackaday.com/2024/03/29/security-alert-potential-ssh-backdoor-via-liblzma/https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.htmlhttps://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/https://lwn.net/ml/oss-security/[email protected]/https://www.linkedin.com/in/crazytanhttps://boehs.org/node/everything-i-know-about-the-xz-backdoor