XZ Utils Compromised Releases

Frank Dean frank at fdsd.co.uk
Fri Mar 29 17:16:07 UTC 2024

I received a security announcement on the Debian mailing list [1].  It appears versions 5.6.0 of XY Utils and later may be compromised.  I also found a discussion on Openwall [2].

[1]: https://lists.debian.org/debian-security-announce/2024/msg00057.html <https://lists.debian.org/debian-security-announce/2024/msg00057.html>

[2]: https://www.openwall.com/lists/oss-security/2024/03/29/4 <https://www.openwall.com/lists/oss-security/2024/03/29/4>

I'm afraid that's all I know.  Just a heads-up.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macports.org/pipermail/macports-dev/attachments/20240329/12aa36f6/attachment.htm>

More information about the macports-dev mailing list