[BCLUG] [DISCUSS] Backdoor found in widely used Linux utility

Ron / BCLUG admin at bclug.ca
Sat Mar 30 01:34:36 EDT 2024


L. V. Lammert wrote on 2024-03-29 13:08:

> Seems to make the case to only use standard tools like gzip?

I'm not sure.

I stick with gzip & bzip myself, but this was an extremely clever 
approach and I'm not sure if xz got targeted because it's a smaller 
developer group or if xz is more gullible.


I suspect everyone's going to be on the lookout going forward for such 
things.

There's already a lot of examining of previous commits by this character 
who integrated themself to a number of packages with innocuous prior 
commits.


Interesting story, and only caught by a series of coincidences (someone 
doing performance testing noticed some timing issues with failed ssh 
attempts and dug into it further).


rb



More information about the Discuss mailing list