LibsEatPoop [any] to technology • edit-29 months agoAll Linux users, check your XZ library. You might be infected.external-linkmessage-square30 fedilinkarrow-up179file-text
arrow-up179external-linkAll Linux users, check your XZ library. You might be infected.LibsEatPoop [any] to technology • edit-29 months agomessage-square30 Commentsfedilinkfile-text
minus-squareFaresh@lemmy.mlhexbear23·9 months agoDo not run xz --version. Instead check the version in your package manager. linkfedilink
minus-squareheyfrancis@lemmy.mlhexbear14·edit-29 months agodebian/ubuntu based distros: apt show xz-utils or dpkg -l | grep xz redhat/fedora-based: yum info xz dnf info xz arch-based: pacman -Qi xz EDIT: correction as suggested below linkfedilink
minus-squarepoweruser@lemmy.sdf.orghexbear3·9 months agoOn my machine the package name is slightly different: apt show xz-utils linkfedilink
minus-squarebuckykat [none/use name]hexbear2·9 months ago5.4.1, my habit of putting off updates pays off again link
minus-squareLibsEatPoop [any]hexagonhexbear6·9 months agoWhy is that? I know the latter gives you more info, but it's still the same thing isn't it? link
minus-squareFaresh@lemmy.mlhexbear20·9 months agoBecause you are running the affected software. It's a bad idea to run something if we are aware that it contains or relies on malicious code. linkfedilink
minus-squareLibsEatPoop [any]hexagonhexbear15·9 months agoOmg obviously. Can't believe I didn't realize that. Thanks for the answer. link
Do not run
xz --version
. Instead check the version in your package manager.debian/ubuntu based distros: apt show xz-utils or dpkg -l | grep xz redhat/fedora-based: yum info xz dnf info xz arch-based: pacman -Qi xz
EDIT: correction as suggested below
On my machine the package name is slightly different:
apt show xz-utils
5.4.1, my habit of putting off updates pays off again
Why is that? I know the latter gives you more info, but it's still the same thing isn't it?
Because you are running the affected software. It's a bad idea to run something if we are aware that it contains or relies on malicious code.
Omg obviously. Can't believe I didn't realize that. Thanks for the answer.