LibsEatPoop [any]@hexbear.net to technology@hexbear.netEnglish · edit-26 months agoAll Linux users, check your XZ library. You might be infected.www.cyberkendra.comexternal-linkmessage-square30fedilinkarrow-up178arrow-down10file-text
arrow-up178arrow-down1external-linkAll Linux users, check your XZ library. You might be infected.www.cyberkendra.comLibsEatPoop [any]@hexbear.net to technology@hexbear.netEnglish · edit-26 months agomessage-square30fedilinkfile-text
minus-squareFareshlinkfedilinkEnglisharrow-up23·6 months agoDo not run xz --version. Instead check the version in your package manager.
minus-squareheyfrancislinkfedilinkEnglisharrow-up14·edit-26 months agodebian/ubuntu based distros: apt show xz-utils or dpkg -l | grep xz redhat/fedora-based: yum info xz dnf info xz arch-based: pacman -Qi xz EDIT: correction as suggested below
minus-squarepoweruser@lemmy.sdf.orglinkfedilinkEnglisharrow-up3·6 months agoOn my machine the package name is slightly different: apt show xz-utils
minus-squarebuckykat [none/use name]@hexbear.netlinkfedilinkEnglisharrow-up2·6 months ago5.4.1, my habit of putting off updates pays off again
minus-squareLibsEatPoop [any]@hexbear.netOPlinkfedilinkEnglisharrow-up6·6 months agoWhy is that? I know the latter gives you more info, but it’s still the same thing isn’t it?
minus-squareFareshlinkfedilinkEnglisharrow-up21·6 months agoBecause you are running the affected software. It’s a bad idea to run something if we are aware that it contains or relies on malicious code.
minus-squareLibsEatPoop [any]@hexbear.netOPlinkfedilinkEnglisharrow-up15·6 months agoOmg obviously. Can’t believe I didn’t realize that. Thanks for the answer.
Do not run
xz --version. Instead check the version in your package manager.debian/ubuntu based distros: apt show xz-utils or dpkg -l | grep xz redhat/fedora-based: yum info xz dnf info xz arch-based: pacman -Qi xzEDIT: correction as suggested below
On my machine the package name is slightly different:
apt show xz-utils
5.4.1, my habit of putting off updates pays off again
Why is that? I know the latter gives you more info, but it’s still the same thing isn’t it?
Because you are running the affected software. It’s a bad idea to run something if we are aware that it contains or relies on malicious code.
Omg obviously. Can’t believe I didn’t realize that. Thanks for the answer.