Wed Oct 30 02:32:52 2024
EVENTS
 FREE
SOFTWARE
INSTITUTE

POLITICS
JOBS
MEMBERS'
CORNER

MAILING
LIST

NYLXS Mailing Lists and Archives
NYLXS Members have a lot to say and share but we don't keep many secrets. Join the Hangout Mailing List and say your peice.

DATE 2024-04-01

HANGOUT

2024-10-30 | 2024-09-30 | 2024-08-30 | 2024-07-30 | 2024-06-30 | 2024-05-30 | 2024-04-30 | 2024-03-30 | 2024-02-29 | 2024-01-29 | 2023-12-29 | 2023-11-29 | 2023-10-29 | 2023-09-29 | 2023-08-29 | 2023-07-29 | 2023-06-29 | 2023-05-29 | 2023-04-29 | 2023-03-29 | 2023-02-28 | 2023-01-28 | 2022-12-28 | 2022-11-28 | 2022-10-28 | 2022-09-28 | 2022-08-28 | 2022-07-28 | 2022-06-28 | 2022-05-28 | 2022-04-28 | 2022-03-28 | 2022-02-28 | 2022-01-28 | 2021-12-28 | 2021-11-28 | 2021-10-28 | 2021-09-28 | 2021-08-28 | 2021-07-28 | 2021-06-28 | 2021-05-28 | 2021-04-28 | 2021-03-28 | 2021-02-28 | 2021-01-28 | 2020-12-28 | 2020-11-28 | 2020-10-28 | 2020-09-28 | 2020-08-28 | 2020-07-28 | 2020-06-28 | 2020-05-28 | 2020-04-28 | 2020-03-28 | 2020-02-28 | 2020-01-28 | 2019-12-28 | 2019-11-28 | 2019-10-28 | 2019-09-28 | 2019-08-28 | 2019-07-28 | 2019-06-28 | 2019-05-28 | 2019-04-28 | 2019-03-28 | 2019-02-28 | 2019-01-28 | 2018-12-28 | 2018-11-28 | 2018-10-28 | 2018-09-28 | 2018-08-28 | 2018-07-28 | 2018-06-28 | 2018-05-28 | 2018-04-28 | 2018-03-28 | 2018-02-28 | 2018-01-28 | 2017-12-28 | 2017-11-28 | 2017-10-28 | 2017-09-28 | 2017-08-28 | 2017-07-28 | 2017-06-28 | 2017-05-28 | 2017-04-28 | 2017-03-28 | 2017-02-28 | 2017-01-28 | 2016-12-28 | 2016-11-28 | 2016-10-28 | 2016-09-28 | 2016-08-28 | 2016-07-28 | 2016-06-28 | 2016-05-28 | 2016-04-28 | 2016-03-28 | 2016-02-28 | 2016-01-28 | 2015-12-28 | 2015-11-28 | 2015-10-28 | 2015-09-28 | 2015-08-28 | 2015-07-28 | 2015-06-28 | 2015-05-28 | 2015-04-28 | 2015-03-28 | 2015-02-28 | 2015-01-28 | 2014-12-28 | 2014-11-28 | 2014-10-28 | 2014-09-28 | 2014-08-28 | 2014-07-28 | 2014-06-28 | 2014-05-28 | 2014-04-28 | 2014-03-28 | 2014-02-28 | 2014-01-28 | 2013-12-28 | 2013-11-28 | 2013-10-28 | 2013-09-28 | 2013-08-28 | 2013-07-28 | 2013-06-28 | 2013-05-28 | 2013-04-28 | 2013-03-28 | 2013-02-28 | 2013-01-28 | 2012-12-28 | 2012-11-28 | 2012-10-28 | 2012-09-28 | 2012-08-28 | 2012-07-28 | 2012-06-28 | 2012-05-28 | 2012-04-28 | 2012-03-28 | 2012-02-28 | 2012-01-28 | 2011-12-28 | 2011-11-28 | 2011-10-28 | 2011-09-28 | 2011-08-28 | 2011-07-28 | 2011-06-28 | 2011-05-28 | 2011-04-28 | 2011-03-28 | 2011-02-28 | 2011-01-28 | 2010-12-28 | 2010-11-28 | 2010-10-28 | 2010-09-28 | 2010-08-28 | 2010-07-28 | 2010-06-28 | 2010-05-28 | 2010-04-28 | 2010-03-28 | 2010-02-28 | 2010-01-28 | 2009-12-28 | 2009-11-28 | 2009-10-28 | 2009-09-28 | 2009-08-28 | 2009-07-28 | 2009-06-28 | 2009-05-28 | 2009-04-28 | 2009-03-28 | 2009-02-28 | 2009-01-28 | 2008-12-28 | 2008-11-28 | 2008-10-28 | 2008-09-28 | 2008-08-28 | 2008-07-28 | 2008-06-28 | 2008-05-28 | 2008-04-28 | 2008-03-28 | 2008-02-28 | 2008-01-28 | 2007-12-28 | 2007-11-28 | 2007-10-28 | 2007-09-28 | 2007-08-28 | 2007-07-28 | 2007-06-28 | 2007-05-28 | 2007-04-28 | 2007-03-28 | 2007-02-28 | 2007-01-28 | 2006-12-28 | 2006-11-28 | 2006-10-28 | 2006-09-28 | 2006-08-28 | 2006-07-28 | 2006-06-28 | 2006-05-28 | 2006-04-28 | 2006-03-28 | 2006-02-28 | 2006-01-28 | 2005-12-28 | 2005-11-28 | 2005-10-28 | 2005-09-28 | 2005-08-28 | 2005-07-28 | 2005-06-28 | 2005-05-28 | 2005-04-28 | 2005-03-28 | 2005-02-28 | 2005-01-28 | 2004-12-28 | 2004-11-28 | 2004-10-28 | 2004-09-28 | 2004-08-28 | 2004-07-28 | 2004-06-28 | 2004-05-28 | 2004-04-28 | 2004-03-28 | 2004-02-28 | 2004-01-28 | 2003-12-28 | 2003-11-28 | 2003-10-28 | 2003-09-28 | 2003-08-28 | 2003-07-28 | 2003-06-28 | 2003-05-28 | 2003-04-28 | 2003-03-28 | 2003-02-28 | 2003-01-28 | 2002-12-28 | 2002-11-28 | 2002-10-28 | 2002-09-28 | 2002-08-28 | 2002-07-28 | 2002-06-28 | 2002-05-28 | 2002-04-28 | 2002-03-28 | 2002-02-28 | 2002-01-28 | 2001-12-28 | 2001-11-28 | 2001-10-28 | 2001-09-28 | 2001-08-28 | 2001-07-28 | 2001-06-28 | 2001-05-28 | 2001-04-28 | 2001-03-28 | 2001-02-28 | 2001-01-28 | 2000-12-28 | 2000-11-28 | 2000-10-28 | 2000-09-28 | 2000-08-28 | 2000-07-28 | 2000-06-28 | 2000-05-28 | 2000-04-28 | 2000-03-28 | 2000-02-28 | 2000-01-28 | 1999-12-28

Key: Value:

Key: Value:

MESSAGE
DATE 2024-04-25
FROM Ruben Safir
SUBJECT Subject: [Hangout - NYLXS] xz backdoor
https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good
faith of being accurate, but like I just said; we don't yet know
everything about what's going on.
Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of
software that gives developers lossless compression. This package is
commonly used for compressing release tarballs, software packages,
kernel images, and initramfs images. It is very widely distributed,
statistically your average Linux or macOS system will have it installed
for convenience.

This backdoor is very indirect and only shows up when a few known
specific criteria are met. Others may be yet discovered! However, this
backdoor is at least triggerable by remote unprivileged systems
connecting to public SSH ports. This has been seen in the wild where it
gets activated by connections - resulting in performance issues, but we
do not know yet what is required to bypass authentication (etc) with it.

We're reasonably sure the following things need to be true for your
system to be vulnerable:

You need to be running a distro that uses glibc (for IFUNC)
You need to have versions 5.6.0 or 5.6.1 of xz or liblzma installed
(xz-utils provides the library liblzma) - likely only true if running a
rolling-release distro and updating religiously.

We know that the combination of systemd and patched openssh are
vulnerable but pending further analysis of the payload, we cannot be
certain that other configurations aren't.

While not scaremongering, it is important to be clear that at this
stage, we got lucky, and there may well be other effects of the infected
liblzma.

If you're running a publicly accessible sshd, then you are - as a rule
of thumb for those not wanting to read the rest here - likely vulnerable.

If you aren't, it is unknown for now, but you should update as quickly
as possible because investigations are continuing.

TL:DR:

Using a .deb or .rpm based distro with glibc and xz-5.6.0 or xz-5.6.1:
Using systemd on publicly accessible ssh: update RIGHT NOW NOW NOW
Otherwise: update RIGHT NOW NOW but prioritize the former
Using another type of distribution:
With glibc and xz-5.6.0 or xz-5.6.1: update RIGHT NOW, but
prioritize the above.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

You are right that he did attack the makefile but the makefile is for
the addition of xz to standard opensshd for deb and rpms

I don't use debs or rpms



--
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com
DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002

http://www.nylxs.com - Leadership Development in Free Software
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013
_______________________________________________
Hangout mailing list
Hangout-at-nylxs.com
http://lists.mrbrklyn.com/mailman/listinfo/hangout

  1. 2024-04-01 Gabor Szabo <gabor-at-szabgab.com> Subject: [Hangout - NYLXS] [Perlweekly] #662 - TPRC in Las Vegas
  2. 2024-04-03 From: "Free Software Foundation" <info-at-fsf.org> Subject: [Hangout - NYLXS] There are plenty of ways to socialize at
  3. 2024-04-02 From: "Free Software Foundation" <info-at-fsf.org> Subject: [Hangout - NYLXS] Free Software Supporter -- Issue 192, April 2024
  4. 2024-04-01 From: "Humble Bundle" <contact-at-mailer.humblebundle.com> Subject: [Hangout - NYLXS] =?utf-8?b?SXTigJlzIHRpbWUgdG8gbWFzdGVyIEMjICYg?=
  5. 2024-04-05 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] Earthquake
  6. 2024-04-05 Ruben Safir <mrbrklyn-at-panix.com> Re: [Hangout - NYLXS] Earthquake
  7. 2024-04-07 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] Testimony
  8. 2024-04-07 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] Amsterdam - Hals Exhibit
  9. 2024-04-08 Gabor Szabo <gabor-at-szabgab.com> Subject: [Hangout - NYLXS] [Perlweekly] #663 - No idea
  10. 2024-04-10 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] death to america
  11. 2024-04-11 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] Caliphate in Germany...
  12. 2024-04-11 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] Oh and BTW - in Iran
  13. 2024-04-13 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] Now for Something Different - Democracy and
  14. 2024-04-13 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] xz exlpoit - and social hacking
  15. 2024-04-14 Ruben Safir <mrbrklyn-at-panix.com> Subject: [Hangout - NYLXS] German Citizenship
  16. 2024-04-15 Touro Graduate School of Technology <info.gst-at-touro.edu> Subject: [Hangout - NYLXS] Get Ahead of the Curve: How AI is Changing Work
  17. 2024-04-17 Ruben Safir <mrbrklyn-at-panix.com> Subject: [Hangout - NYLXS] Racist MTA from the ground up...
  18. 2024-04-15 Gabor Szabo <gabor-at-szabgab.com> Subject: [Hangout - NYLXS] [Perlweekly] #664 - German Perl Workshop
  19. 2024-04-19 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] Try something pretty incredable
  20. 2024-04-22 Gabor Szabo <gabor-at-szabgab.com> Subject: [Hangout - NYLXS] [Perlweekly] #665 - How to get better at Perl?
  21. 2024-04-25 Ruben Safir <ruben-at-mrbrklyn.com> Subject: [Hangout - NYLXS] xz backdoor
  22. 2024-04-26 Ruben Safir <mrbrklyn-at-panix.com> Subject: [Hangout - NYLXS] Fwd: Contracting News: April 2024 Vendor
  23. 2024-04-29 Gabor Szabo <gabor-at-szabgab.com> Subject: [Hangout - NYLXS] [Perlweekly] #666 - LPW 2024

NYLXS are Do'ers and the first step of Doing is Joining! Join NYLXS and make a difference in your community today!